The Keys to the Safe: 5 Most Surprising Revelations From the DOGE Social Security Investigation

1. INTRODUCTION: The Unlikely Breach

Americans operate under a legal guarantee that their most sensitive personal information the digital bedrock of their lives is shielded by the full weight of federal privacy law. That guarantee was effectively shredded when the Department of Government Efficiency (DOGE) was authorized at the highest level to “modernize” the Social Security Administration (SSA). Recent whistleblower disclosures have exposed a chaotic reality: under the banner of presidential authorization, a team of unvetted young coders gained uninhibited administrative access to the most sensitive production environments in the country. This wasn’t an external hack; it was the systematic dismantling of federal safeguards in favor of “vibe coding” a reckless, disruption-first philosophy that treats the identities of 330 million people as a playground for experimentation.

2. THE “DOGE KIDS”: Inexperience Meets Absolute Access

The investigation has spotlighted the startling background of the “DOGE Kids,” a cohort of engineers aged 19–24 with zero government experience and histories that would traditionally make them toxic to any security clearance process. Figures like Edward “Big Balls” Coristine and Gavin Kliger were granted keys to the kingdom while their digital pasts suggested anything but stability.

Coristine, a 19-year-old former intern who was fired from a previous firm for leaking company secrets, allegedly has deep ties to “The Com” a digital underworld described by experts as the cybercriminal equivalent of a violent street gang. His online footprint includes domains registered in Russia and a history of providing tech support to cybercrime rings. Similarly, Gavin Kliger has credited Holocaust-denier Ron Unz for his “political awakening” and spent his time reposting white supremacist Nick Fuentes. Placing national infrastructure in the hands of “edgelords” led to a environment where career civil servants were subjected to “surprise code reviews” by teenagers who viewed the federal government as a legacy system to be “hacked.”

“USAid security personnel were defending a secure room holding sensitive and classified data in a standoff with [DOGE] employees when a message came directly from Elon Musk: give the Doge kids whatever they want.” – The Guardian

3. THE THUMB DRIVE: 500 Million Records in One Pocket

The investigation’s most staggering allegation centers on software engineer John Solly, a DOGE operative who reportedly bragged to colleagues that he had pocketed the SSA’s “crown jewels” on a personal thumb drive. The data in question includes the “Numident” and “Master Death File” databases containing the Social Security numbers, dates of birth, and parental information for over 500 million living and dead Americans.

Solly’s actions weren’t just a security breach; they were a massive conflict of interest. While embedded at the SSA, Solly worked on “Digital SSN” and “SSN verification API” projects tools designed to allow SSA data to be accessed by outside agencies and institutions. He then parlayed this experience into a Chief Technology Officer role at Leidos, a contractor holding a $1.5 billion deal with the SSA. Perhaps most chillingly, Solly allegedly told colleagues he was “confident Trump would pardon him” if his data exfiltration ever reached a courtroom.

“These guys handed the keys to the safe over to the data robbers, and then tried to cover it up. God bless the whistleblowers. Americans should be outraged.” – Former SSA Administrator Martin O’Malley

4. WEAPONIZED DATA: The “Voter Data Agreement”

On March 24, 2025, the investigation found that DOGE operatives bypassed every established agency procedure to sign a “Voter Data Agreement” with a private partisan political advocacy group. This agreement sought to cross-reference SSA data which uniquely includes verified citizenship status against state voter rolls to hunt for “fraud” in an attempt to overturn election results.

This represents a specialized form of data weaponization. By taking neutral federal records and feeding them to partisan actors, DOGE potentially violated the Hatch Act and the Privacy Act. This wasn’t a pursuit of efficiency; it was the use of a federal system of records as a political bludgeon, executed without the review or approval of career SSA authorities who are legally mandated to prevent such partisan interference.

5. “I ACCEPT ALL RISKS”: Ignoring the 65% Breach Probability

The technical recklessness of the DOGE takeover reached its peak with the push to move the NUMIDENT database into a cloud environment. Career SSA officials at the Office of Information Security formally determined the move was “impermissible,” citing a total lack of verified security controls that violated basic NIST and FISMA standards. Internal risk assessments were blunt: moving a production environment of this magnitude to a test cloud carried a 35% to 65% probability of a “catastrophic adverse effect” data breach.

Aram Moghaddassi, a DOGE affiliate and former Neuralink employee installed as the SSA’s CIO, dismissed these warnings with four words that may well define this era of governance:

“I accept all risks[.]”

By prioritizing “disruption” over the fundamental security of American identity, Moghaddassi and his team essentially invited a catastrophe that career experts had spent decades preventing.

6. DEFYING THE BENCH: Violating the Temporary Restraining Order

The investigation confirms a total breakdown of the rule of law within the SSA. On March 20, 2025, a federal judge issued a Temporary Restraining Order (TRO) explicitly barring DOGE members from continued access to SSA data. The agency, however, simply ignored the bench.

Between March 21 and March 24, 2025, DOGE members were granted “new and expanded” access to SSA systems. One operative continued running searches in the NUMIDENT database until 9:30 AM on the Monday after the order was issued. The SSA initially lied to the federal court about revoking this access, forcing the Department of Justice to later file “corrections” admitting the prior statements were false. In some cases, illegal access to call center profiles containing personally identifiable information (PII) continued as late as June 11, 2025.

7. CONCLUSION: A Future Without a Safety Net?

The “largest data theft in U.S. history” didn’t require a sophisticated foreign hack; it required only a thumb drive and a policy of institutionalized recklessness. By the time DOGE’s formal tenure ended, the “DOGE Kids” had been “institutionalized” embedded into the very agencies they spent months destabilizing.

The central theme of this investigation is not just the breach, but the permanency of the exposure. Once the records of 500 million people are exfiltrated to a thumb drive or a partisan server, they cannot be “un-leaked.” The American safety net has been rewired by actors who viewed privacy as a hurdle and the rule of law as a suggestion. We are left to ask: can the security of 70 million active beneficiaries ever truly be recovered, or has the vault been left open for good?