According to a protected disclosure filed with the Office of Special Counsel, Borges told the Government Accountability Project that DOGE officials working at Social Security created a “live copy” of the country’s Social Security records in a separate cloud environment that sidestepped usual security checks.

The group says those lapses put the Social Security information of more than 300 million Americans at risk.

  • technocrit@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    1
    ·
    16 minutes ago

    When are they going to tattoo the QR code on our foreheads? Or at least implant a chip?

    Seriously tho… Fuck these nationalist serial numbers for humans. It’s disgusting that humanity still runs on this trash.

  • rumba@lemmy.zip
    link
    fedilink
    English
    arrow-up
    12
    ·
    2 hours ago

    0 chance they hand out new SSID, that’s money and work and confusion, imagine every medical entity changing over that code?

    First, the govt would need to make a lookup table.

    Anyone that used their old ssid for something, or a system that had the old ssid in it, would need a translation to the new ID.

    Sooo at what point could you safely stop accepting old ID’s because they’re all changed over? Never. Some random medical provider in east bumfuck, TN, still uses your SSID from their own paper copy. So you’re stuck accepting old SSIDs and translating them into new SSIDs on demand, which completely breaks any security of changing IDs in the first place.

    There have been enough nexus/credit leaks over the years, it’s hardly news that those ID’s are compromised.

    • technocrit@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      14 minutes ago

      Don’t get so worked about what’s real and what’s not. It’s just the news. Phony as always.

      (seriously tho yeah u right.)

    • hamsterkill@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 hours ago

      True, but the thing is that the people in power will still complain about increased fraud if and when it happens and point to the government as irresponsible custodians of personal data.

  • muelltonne@feddit.org
    link
    fedilink
    English
    arrow-up
    12
    ·
    3 hours ago

    I’m sure that this will be more expensive to fix than whatever “savings” Elons ghouls have managed to bring.

    • BreadstickNinja@lemmy.world
      link
      fedilink
      English
      arrow-up
      10
      ·
      3 hours ago

      The people in power are the same ones who created DOGE. It’s like Epstein - not like they’re going to investigate themselves.

  • Formfiller@lemmy.world
    link
    fedilink
    English
    arrow-up
    16
    ·
    4 hours ago

    SIEZE Elons assets arrest try him and repair the damage to American infrastructure with his money

  • WraithGear@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    arrow-down
    1
    ·
    3 hours ago

    ssn was never intended to be a form of identification. it was specifically decided that it would not be used as a form of identification by the administration that controlled it

  • RoyaltyInTraining@lemmy.world
    link
    fedilink
    English
    arrow-up
    16
    arrow-down
    1
    ·
    4 hours ago

    I will keep laughing at Americans till they manage to get their broken democracy to establish an ID system like every other country.

    • JackbyDev@programming.dev
      link
      fedilink
      English
      arrow-up
      12
      ·
      3 hours ago

      The same group that pushes for voter ID laws refuses to implement a national ID system because they’re afraid of the mark of the beast.

  • Archer@lemmy.world
    link
    fedilink
    English
    arrow-up
    95
    arrow-down
    2
    ·
    18 hours ago

    They actually need to publicly release everyone’s SSNs so that they can’t be used for authentication anymore, which they never should have been

    • mic_check_one_two@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      20
      arrow-down
      1
      ·
      10 hours ago

      I’ve been saying this for literal years now. They should release a publicly searchable database of every single SSN, name, and DOB. Force organizations to stop using those as a form of ID, because they’re not secure and never have been.

      Give it like a year of lead time. Like announce “March 1 2027, we’ll post the database” and then that gives institutions a full year to figure something new out.

    • remotelove@lemmy.ca
      link
      fedilink
      English
      arrow-up
      13
      arrow-down
      1
      ·
      13 hours ago

      SSNs are generally considered public information but how the SSN is linked to other information is usually the more difficult bit to find and it’s generally pay-walled. (Any jackass with a business license and a credit card can usually buy background check information for ‘hiring’.)

      But no, it shouldn’t be solely used for authentication. That is just dumb. However, it can be used as part of a larger verification and validation scheme while building authentication/authorization profiles. In most systems that I have seen that use full or partial SSNs, it is always linked to several other identifiers that need to match.

      • Archer@lemmy.world
        link
        fedilink
        English
        arrow-up
        15
        arrow-down
        1
        ·
        13 hours ago

        They are definitely not. People consider it increased risk for identity theft if they hear their SSN was stolen and you just cited how people are still using them in part for authentication. They need to be completely useless for authentication

        • remotelove@lemmy.ca
          link
          fedilink
          English
          arrow-up
          4
          ·
          edit-2
          12 hours ago

          I am making a slightly different point and have a bias to this perspective: https://www.legis.iowa.gov/docs/publications/SD/19230.pdf

          I am saying that an SSN can be part of a larger validation scheme, not the only key to the castle. Specifically for government sites, SSNs can be linked to IRS data to verify places of last residence. A person generally needs to verify multiple items that are referenced by the SSN before basic authentication can be established and set by the user. (This is part of the full Authentication, Authorization and Access Control triad.)

          An SSN is just a broad level identifier. If you look at many laws around the release of SSNs, the redaction is usually in place to prevent the linking of different documents and other data points.

          If I released my SSN in this chat, I could be fully doxxed in a matter of seconds. It’s mainly because there are many legal systems in place that use an SSN as a primary key, of sorts. (It’s a bit more than that, as SSNs can be duplicated in some circumstances.)

          So to say, at a high level, an SSN is considered private is absolutely correct. However, it’s so easily referenced and obtainable it really isn’t fully private either.

          If I was to generate a full list of every possible SSN in the US (which I have done, multiple times), that list is effectively useless to anyone who obtains a copy of it. So, by itself, an SSN is effectively public.

  • hperrin@lemmy.ca
    link
    fedilink
    English
    arrow-up
    222
    ·
    22 hours ago

    What a perfect time to stop using social security numbers for specifically the thing they were not designed to be.

    • TheMadCodger@piefed.social
      link
      fedilink
      English
      arrow-up
      33
      ·
      16 hours ago

      Except the dumfucks have railed against the idea of a national id number since before they removed “Not to be used for ID” from the SS cards. So instead we have a national id number that was never meant to be one and stupidly easy to figure out.

  • phutatorius@lemmy.zip
    link
    fedilink
    English
    arrow-up
    205
    arrow-down
    1
    ·
    23 hours ago

    All U.S. Social Security numbers may need to be changed

    Yeah, sure, and winged monkeys may fly out of my ass. But I doubt it’ll happen.

    • FauxLiving@lemmy.world
      link
      fedilink
      English
      arrow-up
      26
      ·
      19 hours ago

      The Trump administration is building a computer system so that States can ‘verify’ a person’s citizenship prior to allowing them to vote.

      This system has failed in many, many ways. That makes me think that they would use the SSN database and other intelligence sources in order to setup the system to fail at a much higher rate for everyone but likely MAGA voters.

      • gian @lemmy.grys.it
        link
        fedilink
        English
        arrow-up
        2
        ·
        5 hours ago

        The Trump administration is building a computer system so that States can ‘verify’ a person’s citizenship prior to allowing them to vote.

        As an Italian (but think most of EU citizens) who need to show my id card to vote, I don’t really see where is the problem if there is a check if the person could vote or not. I can agree that using the SSN maybe is not the right way but why should people who are not citizes allowed to vote ? For context, in Italy if I have my legal address (residenza) in Milan I cannot vote for the mayor of Rome, and btw, why should I ?

        • aquovie@lemmy.cafe
          link
          fedilink
          English
          arrow-up
          2
          ·
          3 hours ago

          Like most things the GOP says, they’re lying or exaggerating.

          You need to show proof of identity/citizenship to register to vote. As one piece of this process, you may choose to use your SS card. You must vote at your local polling place (or by mail). You can not travel to some other city to vote.

          Organized vote fraud would be hard to do and hard to hide. The only cases were MAGA people trying to “balance out the vote fraud” from the other guys. And they were caught.

        • Bytemeister@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          3 hours ago

          The check in the US is done when you register to vote. Once you are registered, a variety of proofs of ID can be used to vote at your polling location.

          Requiring a passport and birth cert or some other strong ID are unnecessary at the actual voting site. The main reason for doing this is to make voting take longer, and be more strenuous, which means that you can have a greater effect on election results by manipulating the number of polling stations for an area.

          • gian @lemmy.grys.it
            link
            fedilink
            English
            arrow-up
            1
            ·
            4 minutes ago

            The check in the US is done when you register to vote. Once you are registered, a variety of proofs of ID can be used to vote at your polling location.

            And why the double check ? It would not be better to just go to the polling station, show your id and then vote ?
            (I undestand that it is a simplification, in the US people move way more often that here and this add some other problems)

            Requiring a passport and birth cert or some other strong ID are unnecessary at the actual voting site. The main reason for doing this is to make voting take longer,

            Considering that if I have no one before me to vote, it take about 30 seconds from the moment I enter the polling station and the moment I am handed the cards to cast the vote I would argue that saying that this way it will take longer is not really true.
            And, btw, we do the check of the document against a printed list who containt all the names of the people who can vote at a polling station, splitted between man and women.

            and be more strenuous, which means that you can have a greater effect on election results by manipulating the number of polling stations for an area.

            Every difficulty you build to try to make harder for your enemy voters to cast their vote is a difficulty you set up also for your voters.
            And simply manipulating the number of polling station in a certain area give you nothing: people who want to vote against you will come anyway and you cannot know if they will come before your voters of after and which voters eventually will lose their patience and just go home without casting a vote

        • FauxLiving@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          ·
          18 hours ago

          This is a conspiracy I can get behind!

          Oh yeah this part is 100% my personal inference:

          That makes me think that they would use the SSN database and other intelligence sources in order to setup the system to fail at a much higher rate for everyone but likely MAGA voters.

          It isn’t completely baseless, the DHS has created a tool called Systematic Alien Verification for Entitlements, or SAVE. The push on the right is to make it so that everyone has to prove their citizenship in order to vote. So a system like this SAVE system is what they would want to put in place to make it easy to ‘verify citizenship’ at polling places.

          Having an electronic tool who’s underlying system is a complete black box and exclusively controlled by the executive branch which has been shown to incorrectly identify people’s citizenship status would allow a group acting in bad faith to surreptitiously introduce ‘errors’ that affect voters who have been identified (by the domestic spy network that is Google and Co.) as being likely opposition voters.

          I’m not saying that this is what IS happening. I’m saying that this system is exactly the kind of system that you would design if you were trying to do what I’m suggesting.

          Here’s a source about the system, because you shouldn’t just trust ‘people’ on the Internet:

          https://www.propublica.org/article/save-voter-citizenship-tool-mistakes-confusion