Tag Archive for: Ed Coristine

As I’ve noted repeatedly, there should be far more attention to the fact that right wing Governors are forcing members of their National Guard to leave their homes, their families, and their jobs to avenge Ed “Big Balls” Coristine, the privileged white kid with ties to criminal hackers who allegedly got assaulted when out past 3AM one night. Most are sending their own constituents away from their homes to fight crime, allegedly, in a safer place than their own home.

And now, they’re doing so to avenge a guy accused of potential misconduct that may put their own privacy at risk.

NYT was the first to report on a new whistleblower complaint, from Social Security’s Chief Data Officer, Chuck Borges, alleging that DOGE boys created a live copy of the entire Social Security database.  Specifically, the complaint alleges:

• When DOGE personnel were given access to Social Security data in mid-March, they had equipment pin access (meaning actions could not be traced to one user) and write access, potentially violating laws protecting IRS data.
• After Judge Ellen Lipton Hollander imposed a Temporary Restraining Order on DOGE access on March 20, DOGE almost immediately restored — and expanded — access to Social Security data, potentially exposing those who granted access to CFAA hacking charges.
• After SCOTUS lifted the preliminary injunction on this data, DOGE created their own replica of SSA’s Numerical Identification System on an insecure server.

A risk assessment of recreating a live Social Security database described the catastrophic risk involved.

Developers (presumably DOGE) planned to import NUMIDENT into the cloud, and because AWS-ACI is an extension of the SSA network, any other SSA production data and PII could also be imported; “unauthorized access to the NUMIDENT would be considered catastrophic impact to SSA beneficiaries and SSA programs” [emphasis Borges’];

Since earlier this month, Borges has been trying to understand the impact of that live replica database. Those with access — including Big Balls, but also Aaram Moghaddassi, who first created the replica copies — refused to respond to his questions. What answers he did get only confirmed his concerns. And he learned the the lawyers were instructing people not to answer his questions.

That same day, in response to Mr. Borges’ August 8, 2025 request for information about concerns raised, a CIO employee confirmed that while two cloud access accounts owned by Aaram Moghaddassi were created per SSA policy, they are not managed by the Division of Infrastructure Services (DIS), are self-administered, and include access to both test and live data environments. 67 Also on August 11, 2025 in response to the same August 7, 2025 request from Mr. Borges, another CIO employee provided the July 15, 2025 PATO and the June 25, 2025 approval by Russo of the NUMIDENT data transfer.

This information, while responsive to Mr. Borges’ request for information regarding data security concerns, serves to support Mr. Borges’ reasonable belief that the creation of the DOGE specific, self-administered cloud environment lacking independent security controls and hosting a copy of NUMIDENT constitutes an abuse of authority, gross mismanagement, substantial and specific threat to public health and safety, and potentially violation of law, rule, or regulation.

Moreover, to date, Mr. Borges has not received a response to his August 7, 2025 request for information from Coristine, Solly, and Tyquiengco. Nor has he received information to indicate that the cloud environment hosting the American public’s NUMIDENT data is protected by best practice and industry standard independent security controls. This leaves Mr. Borges with the reasonable belief that the NUMIDENT data is at risk of exposure, and without information necessary to effectuate his responsibilities as CDO.

Furthermore, Mr. Borges is aware that the Office of General Counsel has advised employees not to respond to his inquiries.68 Such restriction on information to the CDO puts Mr. Borges in an untenable position inhibiting his ability to effectuate the responsibilities of his role

When Justice Ketanji Brown Jackson dissented from lifting the preliminary injunction in June, she talked about how badly the Court was skewing relative harm, granting DOGE access — including to people like Big Balls — even while privacy law protected the data.

Just last week, I wrote about the requirements for granting stay applications and, in particular, how this Court’s emergency-docket practices were decoupling from the traditional harm-reduction justification for equitable stays. See Noem, 605 U. S., at ___ (slip op., at 5). With today’s decision, it seems as if the Court has truly lost its moorings. It interferes with the lower courts’ informed and equitable assessment of how the SSA’s data is best accessed during the course of this litigation, and it does so without any showing by the Government that it will actually suffer concrete or irreparable harm from having to comply with the District Court’s order.

[snip]

Stepping back to take a birds-eye view of the stay request before us, the Government’s failure to demonstrate harm should mean that the general equity balance tips decisively against granting a stay. See Noem, 605 U. S., at ___ (slip op., at 4). On the one hand, there is a repository of millions of Americans’ legally protected, highly sensitive information that—if improperly handled or disseminated—risks causing significant harm, as Congress has already recognized. On the other, there is the Government’s desire to ditch the usual protocols for accessing that data, before the courts have even determined whether DOGE’s access is lawful. In the first bucket, there is also the state of federal law, which enshrines privacy protections, and the President’s constitutional obligation to faithfully execute the laws Congress has passed. This makes it not at all clear that it is in the public’s interest for the SSA to give DOGE staffers unfettered access to all Americans’ non-anonymized data before its entitlement to such access has been established, especially when the SSA’s own employees have long been subject to restrictions meant to protect the American people.

John Roberts and his Republican colleagues have granted a kid with ties to criminal hackers, Ed “Big Balls” Coristine, live access to every American’s Social Security data.

And Jeanine Pirro thinks she should look to the streets of DC to find crime.