Summary
Elon Musk and his “Department of Government Efficiency” (DOGE) have been granted access to the U.S. Treasury’s federal payment system, raising concerns about security and misuse.
Treasury Secretary Scott Bessent approved the move after a top Treasury official was ousted for resisting.
Critics warn Musk could freeze payments to government programs or manipulate federal contracts.
The move coincides with DOGE’s takeover of the Office of Personnel Management.
Experts call it a dangerous power grab, as Musk holds no official government position.
You must log in or register to comment.
Why is Facebook 2auth reset harder, than stealing someones identity in US?
Thanks to Verizon/TMobile/AT&T being the swiss cheese fort Knox, I’d be surprised if Felon Skum didn’t have it.
Companies have played fast and loose with our PII for so long that it’s at a point where we need something else to act as that value so it’s actually secret. But with this administration, that would end up being a wrist tattoo…
I already have a suspicion that he might already be leaking information out to third parties from Twitter (private messages, etc.), so…
Everyone has my social security number. It’s one of the stupidest security fails of all time that nobody seems to want to fix. And now there is an entire “credit protection” industry so it will remain that way.
What happens when we file our taxes? Will we even get our refunds?
Would be funny if there was a mass movement and nobody paid their taxes.
Unfortunately, most people have their taxes withheld from their paychecks, and file their returns so they get a refund.
If people didn’t file returns, the IRS would end up with more money.
I kinda wish this were possible. I’ll pay my state, fuck the feds
Was just worrying about this with my spouse
SSN is not a password and anyone who uses it like one doesn’t understand security because you can’t change it. It’s a user ID, like a finger print or email address.
In principle yes; in practice, no.
All of my data got breached multiple times going back to the dot-com bubble days, by Yahoo, the original 2015 OPM Beach and by two of the big credit bureaus for a start. If Musk has my social at this point it doesn’t matter.
“May or may not, but mostly may.”
It’s safe to say he has a lot more than that
Not mine. I live in a country that isn’t an absolute joke.
Keyword unfortunately being “absolute”
What’s it like? :(
Just wait until dear old Nigel comes.
Starmer might be your Biden, a short but underwhelming break between far right incompetence (BoJo and Nigel).
Must be nice
So does everyone, thanks Equifax
It’s weird that SSNs are treated as some sort of secret number given they don’t have any security features. They were never supposed to be used the way they’re used today, but there’s no good alternative yet.
The US really needs a replacement, for example a national digital ID based on PKI (public key infrastructure) where you can generate new ID numbers based on a private key. Each bank, lender, employer, etc that needs it would get a unique ID that only works for them, and you could revoke access for just that one company if needed.
Kinda like how OAuth/OIDC login works, where you can log in to sites using your Google account, Apple account, self-hosted Authentik or Authelia, etc. but the site you’re logging in to never sees your password. If a site/app misbehaves, you revoke their access to the account, and everything else that uses the account can keep working.
I agree in principle, but try explaining that to your grandmother.
Here’s your ID. You can decide who gets to have it.
Easy. The average person isn’t going to care about the nerdy shit behind it, any more than they care how Facebook works behind the scenes.
They’ve been pushing against a national ID for decades so good luck convincing grandma it’s not the mark of the beast or something.
“why can’t you just use my SSN like that nice genius billionaire Elon Musk”
The US really needs a replacement, for example a national digital ID based on PKI… you revoke their access to the account, and everything else that uses the account can keep working
There is already an open standard growing around exactly this concept, Web5 Distributed IDs (DID): https://dev.to/tbdevs/what-is-web5-233o
Disclosure: I worked on the implementation for an Open Banking company (does that need to be disclosed? <shrug> I’m including it lest someone think I’m a shill)
Bruh who doesn’t at this point?
Elon Musk has to go.
Just to culture shock Americans: it’s not exactly the same but in Sweden our personal numbers are kept in the open. Even online. Searchable databases with names, phone numbers, addresses etc. It tells you if someone has a dog. It tells you if they have a car. Which car, even. Some tell you the income of the person you’re searching for. Sites even exist that could tell you if I’ve commited a crime. Some people think that’s unreasonable. Irresponsible even!
That said, as pertains to the article, the fact that he has that info seems pretty unreasonable and irresponsible.
My USA town will let you look up your taxes with just your last name and first initial. You can find out what real estate and car someone owns with that. Dog license seems to be in a different system.
My salary is public information because I’m a public employee.
At least in the past, you could use a person’s ssn to open credit cards, change utilities, and generally ruin someone’s life. Someone took out a credit card with my SSN when I was like 9 or 10 and it caused issues when I became an adult and tried to get a student loan for uni.
That is technically possible with our information too. It happens, but is bothersome. Taking out massive loans is possible too, with the right bank on the right day.
You’d need some way to verify the identity, but since such signatures are handled digitally through an app it’s just a good phishing call away really. You already have the phone number and the address if you have the personal identification number.
In the US, if you know someone’s address (which is trivially easy to find online) and their social security number, you can open credit cards online.
The number itself is considered secure, so knowledge of the number is assumed to be enough identity confirmation for most applications.Yeah, that is a problem of course. It’s not a very secure system.
That is technically possible with our information too. It happens, but is bothersome.
Ohh well in that case, I’m sure nobody would bother taking advantage of it for free money…
Oh, it totally happens. It’s not that I wanted to say that it’s too bothersome. Scammers will do what scammers do.
There’s actually been some talk about gangs running such business from Spain. Mostly scamming old people.
It’s not that we don’t have all that info and more available, it’s that we want you to pay a data broker for it.
Some of this data, like commited crimes, is usually behind such a barrier here too. Though it is possible, even if a bit more complex, to get that info by yourself directly from the courts.
deleted by creator
You can get anyone’s SSN for $15 on the dark web. lol. The amount of leaks/hacks that have happened to all of the companies that require your SSN is insane.
You can get it on the clear web for about $20 completely legitimately. Background checks have been a thing forever and reveal basically everything.
Don’t they usually ask for your SSN before doing the background check? So they already have it?
You’d hope so but not really, they basically need as much partial information as you can supply so they know they’re finding the right records.
Fullz are great because you already know that social belongs to that person but you really just need enough cross-verifiable information to confirm. If you only have one or two pieces of info you can pay somebody like Checkr or Certn to run your check or just find a local PI to pull them. If you have LE connects they have access to databases with criminal histories as well but AFAIK (in my state at least) those searches are logged.
Lmfao. There ya go. Even better.
I’m sure quite a few people have mine. SSN’s aren’t a secure thing at all. It should be updated.
