>>1429894It's interesting you didn't paste the text from the New York times article, because the full text doesn't actually say anything was accessible to the Internet or hackable, the whistleblower complaint alleges that it wasn't audited the same way that other SSA databases were, crating a "vulnerability"
He doesn't allege it was accessible, hackable, or impacted at all. He alleges it wasn't audited properly.
The account by the whistle-blower, Charles Borges, underscores concerns that have led to lawsuits seeking to block young software engineers at the agency built by Elon Musk from having access to confidential government data. In his complaint, Mr. Borges said DOGE members copied the data to an internal agency server that only DOGE could access, forgoing the type of “independent security monitoring” normally required under agency policy for such sensitive data and creating “enormous vulnerabilities.”
Mr. Borges did not indicate that the database had been breached or used inappropriately.
But his disclosure stated that as of late June, “no verified audit or oversight mechanisms” existed to monitor what DOGE was using the data for or whether it was being shared outside the agency. That kind of oversight would typically be provided by the agency’s career information security professionals, Mr. Borges said in his account.
And his complaint cites an official agency security assessment that described the project as “high risk” and that warned of “catastrophic impact” to Social Security beneficiaries and programs if the database were to be compromised.
