Senate Staff Uncovers Security Lapses at Government Agencies Handled by DOGE

Locked Doors and Windows: Senate Staff Probes DOGE's Handling of Sensitive Data In a scene reminiscent of a spy thriller, Senate Democratic staff members recently conducted an investigation into the activities of DigitalOcean Government Entities (DOGE) at three government agencies. What they found was shocking: locked doors, windows covered with trash bags, and allegations of sensitive data being uploaded to unmonitored cloud environments. The probe, which has been shrouded in secrecy until now, reveals a complex web of concerns surrounding DOGE's handling of highly sensitive Social Security Administration (SSA) data. At the center of the controversy is Edward Coristine, a 19-year-old DOGE staffer who was previously fired from a job for leaking company data to a competitor. According to multiple whistleblowers, including then-SSA Chief Data Officer Chuck Borges, Coristine and other DOGE personnel were granted permission to move sensitive SSA data into an unmonitored cloud environment. This included uploading a live copy of NUMIDENT, which contains highly sensitive personal data on anyone who has held a social security number – every American. The Senate Democratic staff report describes the investigation as follows: "During our site visit at the General Services Administration (GSA), we observed that DOGE officials appeared to be hiding certain areas from view. Windows were covered with trash bags, and doors were locked." This behavior raises more questions than answers. What exactly are DOGE officials trying to hide? And what does this say about their handling of sensitive data? To understand the context behind these allegations, it's essential to delve into the world of cloud computing and government contracting. DOGE is a company that provides cloud services to government agencies, including the SSA. The company has been at the center of controversy in recent months, with several whistleblowers coming forward to allege that DOGE officials were mishandling sensitive data. Chuck Borges, who was instrumental in blowing the whistle on DOGE's activities, spoke to us about his concerns. "As a former Chief Data Officer at SSA, I have a deep understanding of the importance of protecting sensitive data," he said. "DOGE's actions are not only reckless but also potentially catastrophic." Borges' allegations are supported by another whistleblower who wishes to remain anonymous. This individual, who worked closely with Coristine and other DOGE personnel, described a culture of secrecy and lack of oversight within the company. "I was shocked when I discovered that sensitive data was being uploaded to an unmonitored cloud environment," this whistleblower said. "It's not just about the data itself; it's about the potential consequences of such actions." The Senate Democratic staff report highlights the severity of DOGE's alleged transgressions: "The uploading of a live copy of NUMIDENT to an unmonitored cloud environment raises significant concerns about the security and integrity of sensitive personal data. This is not just a matter of bureaucratic mismanagement; it's a potential threat to national security." As the investigation continues, one thing is clear: DOGE's handling of sensitive data has raised more questions than answers. The Senate Democratic staff report concludes that "further action is needed to ensure that government agencies are taking adequate measures to protect sensitive data from unauthorized access and misuse." The implications of this controversy extend far beyond the world of government contracting. It raises fundamental questions about accountability, transparency, and the handling of sensitive data in the digital age. As we continue to navigate the complexities of cloud computing and government contracting, one thing is certain: the public has a right to know how their sensitive data is being handled. The Senate Democratic staff's investigation serves as a stark reminder that even in the most secure environments, there are those who seek to exploit vulnerabilities for personal gain. The story of DOGE's handling of sensitive data is far from over. As we continue to uncover more information, one thing remains clear: the public deserves transparency and accountability in the handling of their sensitive data. *Based on reporting by Arstechnica.*