mysteriously

On Friday, the Social Security Administration’s chief data officer, Chuck Borges, sent an email to agency staff claiming that he had been forcibly removed from his position after filing a whistleblower complaint this week accusing the agency of mishandling sensitive agency data. Minutes after the email went out, it disappeared from employee inboxes, two SSA sources tell WIRED.

“I am regretfully and involuntarily leaving my position at the Social Security Administration (SSA),” Borges wrote in the resignation letter to staff obtained by WIRED. “This involuntary resignation is the result of SSA’s actions against me, which make my duties impossible to perform legally and ethically, have caused me serious attendant mental, physical, and emotional distress, and constitute a constructive discharge.”

Less than 30 minutes after staffers received the email, it mysteriously disappeared from employee inboxes, the SSA sources tell WIRED. It is not clear whether the email had been restored after it was made unavailable, nor was the reason for the email’s disappearance immediately clear. One SSA staffer speculates that it was removed because it was critical of the agency.

“It certainly didn’t paint CIO leadership in a favorable light,” one SSA source says, referring to the SSA’s chief information officer.

Under the Federal Records Act of 1950, US agencies are typically required by law to maintain internal records, including emails.

Independent journalist Marisa Kabas was first to report on Borges’ resignation and his email’s disappearance in posts on Bluesky.

Neither Borges nor SSA immediately responded to requests for comment.

The “involuntary resignation” comes days after Borges filed a formal whistleblower complaint to the US Office of Special Counsel accusing the Department of Government Efficiency (DOGE) of wrongfully uploading SSA data, which included highly sensitive information on millions of people with Social Security numbers, to an unsecure cloud server. Borges alleges that uploading “live” SSA data to a cloud server outside of agency protocols is illegal and could put the data at risk of being hacked or leaked.

“Recently, I have been made aware of several projects and incidents which may constitute violations of federal statutes or regulations, involve the potential safety and security of high value data assets in the cloud, possibly provided unauthorized or inappropriate access to agency enterprise data storage solutions, and may involve unauthorized data exchange with other agencies,” Borges wrote in his Friday letter.

In a statement to The New York Times on Tuesday, SSA spokesperson Nick Perrine defended the agency’s data-security practices and claimed that the data Borges’ complaint references is “walled off from the internet.”

“SSA stores all personal data in secure environments that have robust safeguards in place to protect vital information,” Perrine said. “The data referenced in the complaint is stored in a long-standing environment used by SSA and walled off from the internet. High-level career SSA officials have administrative access to this system with oversight by SSA’s information security team.”

Borges’ whistleblower complaint included documents showing that DOGE affiliate John Solly, working under the SSA, asked a career agency employee to copy data from Numident, a master SSA database including a lifelong record of all SSN holders, to a “virtual private cloud,” identified in the complaint as an Amazon Web Services server controlled by SSA. Edward “Big Balls” Coristine was also involved with the project, according to the complaint.

“Mr. Borges’ disclosures involve wrongdoing including apparent systemic data security violations, uninhibited administrative access to highly sensitive production environments, and potential violations of internal SSA security protocols and federal privacy laws by DOGE personnel Edward Coristine, Aram Moghaddassi, John Solly, and Michael Russo,” the complaint reads. “These actions constitute violations of laws, rules, and regulations, abuse of authority, gross mismanagement, and creation of a substantial and specific threat to public health and safety.”

Neither Coristine, Moghaddassi, Solly, nor Russo immediately responded to WIRED’s request for comment.

Source link