"Senate Finance Committee Chairman Mike Crapo, R-Idaho, is asking the Social Security Administration for information following allegations that Department of Government Efficiency employees uploaded a live copy of confidential SSA information into a vulnerable cloud server. In a letter addressed to SSA Commissioner Frank Bisignano, Crapo wrote that "given the large amount of sensitive data under SSA's control, I consider the protection and security of [personally identifiable information] held by the agency to be a matter of first importance.""
"The information at the center of the whistleblower's complaint is a copy of the SSA database containing personal information for each person issued a Social Security number, including names, birthdays, race and ethnicity and more. The whistleblower, SSA's former chief data officer Chuck Borges, detailed in his complaint that the cloud environment housing the data lacked security controls like independent tracking of who has access to the data. Its creation "potentially violated multiple federal statutes," he alleged."
"An agency spokesperson told Nextgov/FCW in a statement that, "we are not aware of any compromise to this environment and remain dedicated to protecting sensitive personal data." Borges resigned from his post in late August, just days after submitting his disclosure, saying that the agency's actions "make my duties impossible to perform legally and ethically" and "have caused me serious attendant mental, physical, and emotional distress.""
Senator Mike Crapo requested information from the Social Security Administration after allegations that Department of Government Efficiency employees uploaded a live copy of SSA data to a vulnerable cloud server. The copied database reportedly includes personal information for every person issued a Social Security number, such as names, birthdays, race and ethnicity. Former SSA chief data officer Chuck Borges alleged the cloud lacked security controls like independent access tracking and that its creation potentially violated federal statutes. Crapo asked whether the data has been leaked or hacked and demanded details within two weeks. An SSA spokesperson said no compromise is known; Borges resigned days later and cited severe distress.
Read at Nextgov.com
Unable to calculate read time
Collection
[
|
...
]