A whistleblower complaint alleges John Solly claimed to have stored highly sensitive Social Security data on a thumb drive. Solly and Leidos, his current employer, strongly deny the allegations. John Solly, a software engineer and former member of the so-called Department of Government Efficiency (DOGE), is the DOGE operative reportedly accused in a whistleblower complaint of telling colleagues that he stored sensitive Social Security Administration (SSA) data on a thumb drive and wanted to share the information with his new employer, multiple sources tell WIRED. Since October, according to a copy of his résumé, Solly has worked as the chief technology officer for the health IT division of a government contractor called Leidos, which has already received millions in SSA contracts and could receive up to $1.5 billion in contracts with SSA based on a five-year deal it signed in 2023. Solly's personal website and LinkedIn have been taken offline as of this week.

For months, the Social Security Administration was quietly sharing sensitive data about immigrants with DHS. Last week, the Social Security Administration (SSA) quietly updated a public notice to reveal that the agency would be sharing "citizenship and immigration information" with the Department of Homeland Security (DHS). This data sharing was already happening: WIRED reported in April that the Trump administration had already started pooling sensitive data from across the government for the purpose of immigration enforcement. This public notice issued by SSA makes that official, months after the fact. The notice is known as a system of record notice (SORN), a document that outlines how an agency will share the data it has, with whom, and for what purpose. This notice is required under the Privacy Act of 1974.

As students returned to school this week, WIRED spoke to a self-proclaimed leader of a violent online group known as "Purgatory" about a rash of swattings at universities across the US in recent days. The group claims to have ties to the loose cybercriminal network known as The Com, and the alleged Purgatory leader claimed responsibility for calling in hoax active-shooter alerts. Researchers from multiple organizations warned this week that cybercriminals are increasingly using generative AI tools to fuel ransomware attacks, including real situations where cybercriminals without technical expertise are using AI to develop the malware. And a popular, yet enigmatic, shortwave Russian radio station known as UVB-76 seems to have turned into a tool for Kremlin propaganda after decades of mystery and intrigue. Each week, we round up the security and privacy news we didn't cover in depth ourselves.