A report issued Thursday accuses the Department of Government Efficiency of putting millions of Americans’ personal information in an unsecured cloud server.

Released by Senate Homeland Security Committee ranking member Sen. Gary Peters (D-Mich.), the report describes “unprecedented privacy and cybersecurity risks” by the agency, which one whistleblower warned could end with every American needing to be issued a new Social Security number.

Chuck Borges, former chief data officer at the Social Security Administration (SSA), filed a whistleblower complaint in August, revealing the existence of DOGE’s “vulnerable cloud environment.”

His accusations of DOGE’s mishandling of Americans’ personal information came after an appeals court ruled that DOGE could continue accessing sensitive federal data.

The report, compiled by the committee’s Democratic staff cites multiple whistleblowers, including Borges, and states that DOGE staffers “had been granted permission to move highly sensitive SSA data into an unmonitored cloud environment.”

“Authorization to upload live SSA data to the cloud environment was apparently granted, according to whistleblower disclosures, by Michael Russo and Aram Moghaddassi, both of whom are DOGE-affiliated,” the report continues.

Whistleblowers alleged that DOGE uploaded a live copy of Numerical Identification Files, also known as NUMIDENT, “which contains highly sensitive personal data on anyone who has held a Social Security number, including every American.”

The information uploaded includes Social Security numbers, place and date of birth, parents’ names and other sensitive information, the report adds.

An internal risk assessment conducted by the SSA found that there was a “between 35 and 65 percent” chance of a data breach with a “catastrophic adverse effect” occurring with the cloud environment.

“SSNs are the backbone for accessing all kinds of public and private services, from acquiring a driver’s license to going to the doctor,” the report states. 

“Beyond the toll on individuals, if the entirety of U.S. SSN data was compromised, the possible impact on the ability of financial institutions and other major segments of the economy to function could be enormous,” the report continues. 

The report recommends the SSA “immediately shut down the cloud environment” and “thoroughly audit” its use. It also recommends the SSA to determine whether any data breaches or manipulation of the cloud environment has occurred. 

“[G]iven the lack of agency visibility into the cloud environment, we may never know the full extent of any damage done,” the report reads.

The Hill has reached out to the White House and Homeland Security Committee chair Sen. Rand Paul (R-Ky.).