Doge Might Be Storing Every American's Ssn on an Insecure Cloud Server
Key topics
A Senate report alleges that the Department of Government Efficiency (DOGE) is storing sensitive personal data, including Social Security Numbers, on an insecure cloud server, sparking concerns about data security and government accountability.
Snapshot generated from the HN discussion
Discussion Activity
Light discussionFirst comment
31m
Peak period
5
1-2h
Avg / period
3.3
Based on 13 loaded comments
Key moments
- 01Story posted
Sep 25, 2025 at 2:22 PM EDT
3 months ago
Step 01 - 02First comment
Sep 25, 2025 at 2:53 PM EDT
31m after posting
Step 02 - 03Peak activity
5 comments in 1-2h
Hottest window of the conversation
Step 03 - 04Latest activity
Sep 25, 2025 at 9:16 PM EDT
3 months ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.
seq -w 0 999999999 | sed -E 's/^([0-9]{3})([0-9]{2})([0-9]{4})$/\1 \2 \3/' | awk '{ area=$1+0; group=$2; serial=$3 if (area==0 || area==666 || area>=900) next if (group=="00" || serial=="0000") next printf "%03d-%02s-%04s\n", area, group, serial }'
It's so clearly not the point of the db in the article that there is no chance anyone reads this and thinks it is the same thing the article is referencing. Is this just really low quality trolling?
> In addition to SSNs, the database reportedly includes Americans’ place and date of birth, work permit status, and parents’ names
This is quite a bit more information than just a number.
A quick shufti turned up https://aad.archives.gov/aad/series-description.jsp?s=5057 which states that "NUMIDENT" includes things like "mother's maiden name". Other sources imply that the signatures from SSN application forms (form SS-5) are stored here.
Normal methods of access to this database seem to include "NOVU" (https://catalog.data.gov/dataset/numident-online-verificatio...).
In the actual report main text, it says that the risk is between 35% and 65%, but does not explain the calculation, if any, that results in those numbers.
It's not until one reaches Appendix A that one finds that this really means that it has been assigned a value of 3 on a scale of 1 to 5, meaning "medium risk", and the value 3 is arbitrarily assigned that percentage range, originating with the U.S.A. FDA's Office of Information Security, where "low risk" (2) is similarly 10% to 35% and "very low risk" (1) is less than 10%.
7 more comments available on Hacker News