OPM circles the wagons amid calls for firings

The Office of Personnel Management (OPM) defended its top officials Tuesday night after a day that saw lawmakers skewer the embattled agency, with some calling for firings over the mammoth data breach that has rocked the federal government.

In an extensive statement, OPM spokesman Sam Schumach praised the agency’s director, Katherine Archuleta, and chief information officer, Donna Seymour.

{mosads}Both officials were repeatedly berated during a House Oversight and Government Reform Committee hearing on Tuesday.

The two have guided an “aggressive modernization and security overhaul” of OPM’s networks, he said, “the very upgrades that made it possible for OPM to identify the recent cyberattacks.”

It’s thought the digital attack may have left up to 14 million people’s information in the hands of Chinese hackers, although the administration has not confirmed those details.

Archuleta has been on the job 19 months, with Seymour joining her shortly after.

Oversight Chairman Jason Chaffetz (R-Utah) said the duo’s poor performance at Tuesday’s hearing convinced him they needed to be fired. He wasn’t the only one to feel that way.

Lawmakers chastised the pair for ignoring the advice of the agency’s inspector general, which had issued a report in November recommending that 11 of the OPM’s 47 computer systems be shut down for not meeting security standards.

“They recommended it was so bad that you shut it down and you didn’t, and I want to know why,” Chaffetz told Archuleta.

“There are many responsibilities with our data,” Archuleta replied, frustrating Chaffetz. “To shut down the system, we need to consider all the responsibilities we have with our systems.”

Schumach expanded on Archuleta’s remarks, clarifying that the agency was mainly concerned about ensuring retirees could receive their benefits and that employees got their paychecks on time.

“We always have to be mindful of the unintended consequences of simply shutting systems down,” he said. “That is not always the only or best option available to us.”

House members were also incredulous that the OPM had not taken steps to encrypt its employee data prior to discovering the hack.

Archuleta explained that it was “not feasible” to implement encryption on many of the OPM networks because they were “too old.”

Schumach insisted that encryption would also not have thwarted the hackers.

“In fact, encryption in this instance would not have protected the data,” he said. “Our IT security team is actively building new systems with technology that will allow OPM to not only better identify intrusions, but to encrypt even more of our data.”

The updated systems will be able to encrypt “data at rest, but data in transit, and data displayed through masking or redaction,” Schumach said.

The agency is best served by sticking with Archuleta as she completes her security improvement plan, he maintained.

“Director Archuleta is committed to finishing the important work outlined in her IT strategic plan,” Schumach said.

Tags Jason Chaffetz

Most Popular

Load more


See all Video