The Department of Justice has confirmed in federal court filings what whistleblowers warned about for months: operatives embedded inside the Social Security Administration by the Department of Government Efficiency shared Americans' private data with an outside political advocacy group — and did so through a secret agreement that was never vetted by the agency's data governance office.

The revelations, pieced together from multiple court filings and congressional oversight letters, paint a picture of an efficiency initiative that operated as though federal privacy laws were optional — and that the most sensitive personal records in the government's possession were assets to be leveraged for political ends.

The Voter Data Agreement

According to a corrected declaration filed by the SSA in January 2026, a DOGE-affiliated employee signed and transmitted what the filing describes as a "Voter Data Agreement" on March 24, 2025. The agreement was made with an unnamed advocacy organization whose stated purpose was to find evidence of voter fraud and challenge election results in certain states.

The agreement was not reviewed, approved, or even logged through SSA's standard data exchange procedures — protocols that exist specifically to prevent unauthorized disclosure of Americans' personal information. The identity of the advocacy group remains sealed in the court record, but senators on the Homeland Security and Governmental Affairs Committee have demanded the administration disclose it.

300 Million Records Copied Without Authorization

The voter data agreement was not an isolated incident. Chuck Borges, a career SSA employee turned whistleblower, alleged in testimony that DOGE staffers copied a dataset containing sensitive personal information on more than 300 million Americans into a virtual database without following any of the required security protocols. The dataset reportedly included names, Social Security numbers, addresses, and benefit information.

Borges told PBS that he raised alarms internally but was ignored. "There was no security assessment, no privacy impact analysis, no authorization from the Chief Information Officer," he said. "They just took it."

Separately, on March 3, 2025, a DOGE team member sent an encrypted file containing the names and addresses of approximately 1,000 individuals to the Department of Homeland Security. The email copied DOGE adviser Steve Davis and a DOGE employee detailed to the Department of Labor. Despite months of effort, SSA's Chief Information Office has been unable to access the file to determine exactly what it contained or why it was sent.

Unauthorized Servers and Hatch Act Referrals

The court filings further revealed that between March 7 and March 17, 2025, DOGE employees used links to share SSA data through an unapproved third-party server — a direct violation of federal information security requirements. The server was not part of SSA's authorized IT infrastructure, and the agency's security team was not informed of its use.

SSA officials told DOJ they first became aware of the full scope of these activities during an unrelated internal review in November 2025, the same month DOGE formally concluded its operations at the agency. In late December, the Trump administration made two referrals to the Office of Special Counsel under the Hatch Act, acknowledging that DOGE activities may have crossed the line from government efficiency into political activity conducted on taxpayer time with taxpayer data.

Congressional Response

Senator Gary Peters, ranking member of the Homeland Security and Governmental Affairs Committee, sent a letter to the SSA Inspector General on February 25, 2026, demanding a full audit of DOGE's data access during its tenure at the agency. The letter cited the voter data agreement, the unauthorized server use, and the bulk data copying as evidence of systematic disregard for privacy safeguards.

Representative Sylvia Garcia of the House Oversight Committee followed with her own letter in March, requesting that former DOGE officials provide documentation of every data access request made during their time at SSA.

The Accountability Question

The DOGE data scandal raises a fundamental question about government accountability: when an entity created to cut waste instead becomes a vector for mishandling the most sensitive data the government holds, who answers for it?

DOGE was established as a temporary initiative staffed largely by private-sector technologists and political appointees who operated with minimal oversight from career civil servants. Its employees had access to systems containing information on virtually every American who has ever worked, retired, or claimed disability benefits. The voter data agreement suggests that at least some of those operatives viewed that access not as a public trust, but as a political resource.

The Office of Special Counsel has not publicly disclosed the status of its Hatch Act investigation. The unnamed advocacy group that received the voter data agreement has not been identified. And the contents of the encrypted file sent to DHS remain unknown — even to the agency that was supposed to be protecting the data in the first place.

For the 300 million Americans whose records were copied into an unauthorized database, the efficiency promised by DOGE may have come at a cost that no spreadsheet can calculate.