Former Social Security official describes Musk team’s disregard for laws about sensitive data

President Donald Trump listens as Elon Musk, joined by his son X Æ A-Xii, speaks in the Oval Office at the White House, Feb. 11, in Washington. PHOTO — ALEX BRANDON

Image

By Lisa Rein

The Washington Post

They came in aggressively, a former official who witnessed Elon Musk’s team take over the Social Security Administration said, demanding access to sensitive taxpayer data and refusing briefings on how the agency ensures the accuracy of its benefit systems. They recklessly exposed data in unsecured areas outside Social Security offices, the official said, potentially disclosing personally identifiable information on almost every American to people not authorized to see it.

And representatives sent by the U.S. DOGE Service refused to explain why they needed taxpayer information that is protected by law, the former official said. Despite their status as political appointees, the secretive members of the cost-cutting group overseen by Musk ignored the normal chain of command, instead communicating directly with DOGE.

These and other allegations are included in a sweeping declaration filed as part of a federal lawsuit Friday from Tiffany Flick, the agency’s acting chief of staff until she was forced out in mid-February.

Flick describes a fast and tension-filled takeover of the agency and its sensitive data systems by DOGE in what amounted to a de facto coup by agency outsiders.

The declaration is the first in-depth public account from a high-ranking government executive of how Musk’s team is operating at one of dozens of agencies as it leads a downsizing of the federal government under President Donald Trump.

Software engineers with no government experience, some in their early 20s, have clashed with career civil servants at multiple agencies where DOGE has sought — and in some cases received — access to systems containing sensitive data on federal employees, government payments, taxpayer information and a sensitive child-support database.

“I witnessed a disregard for critical processes — like providing the ‘least privileged’ access based on a ‘need to know’ — and lack of interest in understanding our systems and programs,” Flick said in her 13-page declaration, written under oath.

“That combined with the significant loss of expertise as more and more agency personnel leave, have me seriously concerned that SSA programs will continue to function and operate without disruption.”

If Social Security’s long-standing information security policies and procedures continue to be ignored by the DOGE team, Flick wrote, “That could result in benefits not being paid out or delays in payments. … The stakes are high.”

Flick was a 30-year civil servant who started her career reviewing retirement and disability claims in a local field office. She rose to hold a number of senior positions in the budget office and other roles reporting directly to several Social Security commissioners before becoming acting chief of staff on Jan. 20, the day Trump was sworn in to office. Flick and acting commissioner Michelle King, another career leader, abruptly retired on Feb. 16 after resisting demands from DOGE to provide access to three massive databases containing sensitive taxpayer information. In their place, the White House elevated acting commissioner Leland Dudek, a mid-level data analyst who the career leaders believed had been improperly sharing information with DOGE. The career leaders had placed Dudek on paid leave and opened an investigation into his actions before he was promoted.

Social Security press officials did not respond to requests for comment.

In his first weeks at the helm, Dudek has announced plans for big job cuts and regional office closures at Social Security, which administers the safety-net program used by 73 million retired and disabled Americans. The reductions have alarmed Democrats and advocates and some Republicans, who fear that benefits will be affected. On Friday, The Washington Post reported that DOGE representatives are making the decisions at the agency, not Dudek, according to detailed notes of what he told a group of advocates in a meeting last week.

But it was the unorthodox — and in her mind, improper — manner used by the chief information officer and another DOGE-aligned appointee to infiltrate agency headquarters that alarmed Flick, who delivered her declaration to lawyers for Democracy Forward. The group is representing a coalition of unions and retirees that filed a motion for emergency relief in U.S. District Court for the District of Maryland Northern Division on Friday seeking to halt DOGE’s “unprecedented, unlawful seizure of personal, confidential, private and sensitive data.”

One of the fundamental responsibilities of any Social Security employee is to protect the confidentiality of the personal data and information the agency collects and holds. Numerous federal laws, including the Privacy Act, and internal regulations and policies govern the data and who can see it. If another agency wants to use the information kept by Social Security, an agreement takes months and multiple levels of review, Flick wrote.

In late January, Dudek, then working in an anti-fraud office, called Flick to tell her that DOGE representatives planned to work at agency headquarters in Woodlawn, Maryland. Dudek said they had contacted him. Flick told him to sever contacts with DOGE and refer them to the commissioner’s office.

The next day, Mike Russo, who has a private-sector technology background, joined as chief information officer and introduced himself as a DOGE representative, according to Flick’s declaration. Then, a software engineer named Akash Bobba joined after career officials were pressured by the Trump administration to rush him on board despite issues with his credentialing process, Flick said.

“I did not understand the apparent urgency with which Mr. Bobba needed to be onboarded and given access to SSA’s systems and data, which are highly sensitive,” Flick wrote. The administration became “increasingly impatient” for Bobba to get access.

Russo hung up on a reporter who called seeking comment Sunday. Bobba did not respond to a request for comment.

Russo never clarified what DOGE wanted to do with the Social Security data. But Flick concluded that the goal was to examine various types of alleged benefits fraud. She considered the concerns “to be invalid and based on an inaccurate understanding of SSA’s data and programs,” Flick wrote.

The commissioner’s office offered to brief Russo “on areas related to potential fraud” and what measures the agency takes to combat it. “However, Mr. Russo seemed completely focused on questions from DOGE officials based on the general myth of supposed widespread Social Security fraud, rather than facts,” Flick wrote.

Russo was also having conversations with other agencies — including the Treasury, Homeland Security and Education departments — about sharing Social Security data with them. “While data sharing with these agencies is normal, Mr. Russo’s lack of transparency … was not,” Flick wrote.

Russo’s office finally said it had trained Bobba to carry out a “special project” requested by DOGE, Flick wrote. But she was worried.

“I do not believe Mr. Bobba had a sufficient understanding of the sensitive nature of SSA data or the ways to ensure [its] confidentiality,” she wrote.

She determined that Bobba could have read-only, anonymous access to a database known as the Numident, which contains information to assign and maintain Social Security numbers. But because the file was provided to him in such haste, the data had technical glitches, Flick said. Bobba was analyzing the data at the Office of Personnel Management, where he was living and working. Flick worried that others may have had access to the information, which was not kept in a private location where systems and data could be protected from unauthorized access.

Then Russo and DOGE officials demanded more data. Immediately.

They wanted full access to the massive database containing not just the Numident files, but two others containing extensive information about anyone with a Social Security number, including work history; spouses and dependents; financial and banking information; marital status; and immigration and citizenship status — and detailed information about anyone who applies for or receives retirement or disability benefits.

Flick was alarmed. Even with read-only access, the DOGE representatives could copy and paste, export and screenshot the data or otherwise compile it for analysis, she wrote. But full access would allow them to change the data in the system.

Russo was evasive when Flick repeatedly asked him why DOGE wanted Social Security data. He “repeatedly stated that Mr. Bobba needed access to everything, including source code,” Flick wrote, referring to instructions written by programmers.

Social Security would normally not provide this access “even to our most skilled and highly trained experts,” she wrote.

The pushback from career officials led Russo to appeal to the chief information officer at the White House budget office, a political appointee, who wrote an opinion giving DOGE workers access to whatever they wanted.

The tension came to a head on Presidents’ Day weekend. Dudek was placed on paid leave “regarding allegations of multiple inappropriate actions,” Flick wrote. That prompted the White House to elevate him to acting commissioner. King and Flick were out. And Dudek gave DOGE the data they wanted.

Flick wrote that she is “deeply concerned about DOGE’s access to SSA systems and the potential to inappropriately and inaccurately disclose this information, especially given the rushed nature in which we were required” to bring the team to Social Security.

Flick said the problem isn’t existing fraud, but that the DOGE approach to taxpayers’ data might create opportunities for fraud in the system.

“I am not confident that DOGE associates have the requisite knowledge and training to prevent sensitive information from being inadvertently transferred to bad actors,” she wrote, describing political appointees at the personnel agency who “have never been vetted by SSA or trained on SSA data, systems or programs” now with access to data that was previously protected from almost everyone.

“In such a chaotic environment, the risk of data leaking into the wrong hands is significant,” Flick wrote.