WASHINGTON, D.C. – U.S. Senator Gary Peters (D-MI), Ranking Member of the Homeland Security and Governmental Affairs Committee, released a report revealing that the Trump Administration’s Department of Government Efficiency (DOGE) is operating outside federal law, with unchecked access to Americans’ personal data. Staff investigations and whistleblower accounts show how DOGE personnel at the Social Security Administration (SSA), the General Services Administration (GSA), and the Office of Personnel Management (OPM) are working without any accountability to agency leadership, Congressional oversight, or the public.
Peters’ report includes multiple whistleblower disclosures that DOGE staff have copied Americans’ sensitive Social Security and employment data into a cloud database without any verified security controls, likely a serious violation of cybersecurity and privacy laws that puts the information at risk of being stolen by cybercriminals. One individual—previously fired from a private sector job for mishandling data—was found to have unrestricted access to SSA’s systems. Despite an SSA risk assessment warning of an up to 65% chance of catastrophic breach, the data remains in systems without any verified security controls. The consequences of a potential breach or improper release of this information, for example a potential hack are so severe that, according to a whistleblower, the fallout could require re-issuing Social Security numbers for every American—a process that would disrupt access to banking, employment, health care, and housing. The report outlines how the loss of Social Security numbers would trigger widespread identity theft, delay access to benefits, and destabilize core systems Americans rely on. Peters is calling for these agencies to immediately halt DOGE operations and access to information systems given the catastrophic risk of a serious data breach.
“DOGE isn’t making government more efficient—it’s putting Americans’ sensitive information in the hands of completely unqualified and untrustworthy individuals,” said Senator Peters. “They are bypassing cybersecurity protections, evading oversight, and putting Americans’ personal data at risk. We cannot allow this shadow operation to continue operating unchecked while millions of people face the threat of identity theft, economic disruption, and permanent harm. The Trump Administration and agency leadership must immediately put a stop to these reckless actions that risk causing unprecedented chaos in Americans’ daily lives.”
Read the Executive Summary, Findings and Recommendations
Over the past six months, Senator Peters directed oversight visits to key DOGE agencies, including SSA, the General Services Administration (GSA), and the Office of Personnel Management (OPM). Peters’ staff undertook these oversight visits after numerous formal requests for information went unanswered. What Peters’ staff observed was deeply troubling; several agency officials could not identify who was responsible for major decisions, such as workforce reductions, reorganizations, and data consolidation. In many cases, it was unclear whether agency leaders or DOGE operatives were actually in charge of operations. Further, staff observed there was a lack of a clear chain of command, leaving agencies vulnerable to manipulation and devoid of accountability.
DOGE operatives’ workspaces were guarded and largely empty, and they operated across multiple agencies simultaneously without required training or adherence to cybersecurity protocols and privacy protections. Agency officials contradicted court documents about whether DOGE staff had completed required privacy or security training before accessing sensitive systems, which raised serious concerns about compliance with federal law. The federal government has strict requirements to protect information when working with cloud service providers. Alarmingly, whistleblower disclosures show that DOGE staff at SSA failed to meet required cybersecurity and privacy standards before initiating their new cloud environment.
At GSA, DOGE personnel took over the administrator’s office. At OPM, leadership denied the presence of DOGE – contradicting their own statements in court – and were unaware or unwilling to share basic details about the agency’s organization and staffing. Career officials at all of the agencies expressed confusion over who was in charge and the nature of DOGE’s work. Staff were blocked from conducting follow up visits, and agencies have refused to answer written questions.
Anyone seeking to provide information to the Committee may find additional information about how to contact Ranking Member Peters’ staff here.
###