Bisignano wrote that “all employees are required to go through a vetting process prior to being granted access to SSA information systems” and “are granted the appropriate permissions to perform their work” based on their job functions. He said the agency’s “AWS cloud environment is audited yearly to ensure these controls are implemented and maintained.”

We contacted Borges’ attorneys at the Government Accountability Project today and will update this article if we get a response.

Borges resigned “involuntarily”

Borges’ whistleblower report alleged that SSA officials violated the Federal Information Security Modernization Act by “knowingly placing a High-Value Asset containing data on over 450 million people in an uncontrolled environment.” The Government Accountability Project said that if “bad actors gain access to this cloud environment, Americans may be susceptible to widespread identity theft, may lose vital healthcare and food benefits, and the government may be responsible for re-issuing every American a new Social Security Number at great cost.”

Borges resigned from the SSA a few days after going public with his allegations. In a letter to Bisignano, Borges said he was “involuntarily” leaving his position.