By Cory Bennett - 12/10/15 12:25 PM EST
House Oversight Committee Chairman Jason ChaffetzJason ChaffetzOvernight Cybersecurity: Watchdog report dings Clinton email security IRS head vows to finish term despite impeachment push Top Oversight Dem blames GOP cuts for poor cybersecurity MORE (R-Utah) wants the Office of Personnel Management’s top technology official out of a job.
Chaffetz on Thursday reiterated his call for the firing of OPM Chief Information Officer Donna Seymour, in light of a new inspector general report that concluded the agency did not properly award a contract to notify the victims of perhaps the government’s worst data breach in history.
“I write once again to augment my concerns that Ms. Donna Seymour,” he said, “is unfit to perform the significant duties for which she is responsible.”
It’s at least the fifth time that Chaffetz has called for Seymour’s removal in the wake of this summer’s hacks at the agency, which exposed the sensitive data.
Fallout from the intrusions cost former OPM Director Katherine Archuleta her job, but Seymour has held on to her position despite Chaffetz’s criticism.
The Oversight chairman renewed his quest to get Seymour ousted after the OPM’s inspector general released the findings Thursday of its investigation into a contract that was awarded to government services firm Winvale and credit monitoring firm CSID.
Just days after the OPM revealed an initial hack that affected 4.2 million current and former federal workers, the agency hired Winvale and CSID to notify the victims and to offer them free credit monitoring services.
Almost immediately, lawmakers raised questions about how the $20 million contract had been awarded, amid reports it had been handed out swiftly and without the necessary vetting of different companies.
The inspector general (IG) report confirmed some of these concerns, concluding, “it is evident that significant deficiencies existed” in how the contract was awarded.
The watchdog found the OPM failed to include a “method of assessing contractor performance” and that the agency failed to fully inspect the market before awarding the contract.
The report also says many contract documents were not officially prepared until after the contract itself was awarded.
“Due to these issues, we are not confident that the contracting file gives a complete and accurate history of the actions taken to award the contract,” it read.
The IG’s findings are the latest in a string of watchdog reports that have identified technological shortcomings at the OPM.
“It is troubling that yet another IG report has found that Ms. Seymour failed to effectively fulfill her duties,” Chaffetz said. “The record is clear that six months after the American people first learned about OPM’s spectacular failure at securing sensitive personal information, change is needed in the Office of the Chief Information Officer.”
The OPM stood by Seymour in a statement issued shortly after Chaffetz sent his letter.
"Ms. Seymour has served our nation for 37 years, and has served with distinction," said OPM press secretary Sam Schumach, citing several professional awards.
Schumach said Seymour should be credited for leading the charge to upgrade the OPM's outdated networks since she arrived at the agency in 2013.
And since the hacks, Seymour has also overseen the agency's aggressive effort "to strengthen our broader cyber defenses and information technology systems," he added.
Regarding the IG report, Schumach reminded that "the award of this contract was done on an expedited basis" because of the severity of the hack."
He also noted that while the IG report was critical of the process, it "did not find that these issues affected the outcome of the award."
— Updated 2:46 p.m.