Lawmakers continue to look for answers about the recent Office of Personnel Management data breaches affecting millions of federal workers, with some House members calling for the director’s resignation.
“It is outrageous that after the biggest data breach in our nation’s history, OPM has yet to fire a single individual,” Rep. Mark Meadows, R-N.C., said in a statement Wednesday. “It is time that Director [Katherine] Archuleta step down and be replaced with someone prepared to immediately address cybersecurity vulnerabilities at the agency.”
Meadows chairs the Government Operations Oversight Subcommittee. House Oversight and Government Reform Chairman Jason Chaffetz, R-Utah, also reportedly told the press after Tuesday’s hearing on the breach that he believed Archuleta should resign.
What You Missed: Oversight Hearing on OPM Data Breach
White House Press Secretary Josh Earnest defended Archuleta in his press briefing Wednesday, saying,”The president does have confidence that she is the right person for the job.”
The same calls for the director’s resignation have yet to come from across the Capitol. The Senate is set to hold a briefing on the data breaches Thursday, and Senate Homeland Security and Government Affairs Chairman Ron Johnson, R-Wis., has not called for Archuleta’s resignation.
“We need to consider all options for building up the physical and human capital security needs of OPM,” Johnson said in a statement to CQ Roll Call. “We also need to look at ways to bring in leaders who are stronger on cybersecurity. This absolutely needs to happen in order to keep the data of Americans safe from foreign adversaries.”
On June 4, the OPM announced a breach of records for more than 4 million federal employees discovered in April. Originally, only executive branch workers were thought to be affected, but Archuleta told lawmakers Tuesday the breach affected workers in all three branches of government. The agency also discovered a second breach relating to background check information, and the OPM does not have an estimate for the number of workers affected in that incident.
Lawmakers whose constituencies include many federal employees are also still looking for answers, even after the hearing and a House-wide classified briefing Tuesday.
“Identity theft, especially by a potential foreign entity, is a very serious national security issue that touches many of my constituents’ lives,” Rep. Barbara Comstock, R-Va., wrote in a letter to Archuleta Tuesday.
Comstock, a former congressional staffer, wrote that she and many of her constituents have received notices their data was compromised. Comstock requested a personal briefing on the incident and demanded to know how many of her constituents were affected.
Former and current congressional staffers were among the throngs of employees who received notices this week, though they were originally told it appeared only executive branch workers were affected. But on Tuesday, it became clear that congressional employment records were transferred to the OPM after their employment ended, or when there was a break in service, rendering their records vulnerable to the attack.
“You are receiving this notification because we have determined that the data compromised in this incident may have included your personal information, such as your name, social security number, date and place of birth, and current or former address,” read the letter sent to affected employees, obtained by CQ Roll Call.
OPM Chief Information Officer Donna Seymour wrote in the letter to employees that they were eligible for a free credit-monitoring service and $1 million in identity theft insurance. But Seymour noted the services were offered as a “convenience.” She added, “However, nothing in this letter shall be construed as OPM or the U.S. government accepting liability for any of the matters covered by this letter or for any other purpose.”
House and Senate administrators maintained that the OPM remained the “definitive source for information on the breach,” in messages to employees sent Tuesday evening, obtained by CQ Roll Call.
House Chief Administrative Officer Ed Cassidy and the Office of Senate Sergeant-at-Arms Frank J. Larkin both sent out memos that congressional employees who left or had a break in service could be vulnerable, even if they did not work for the executive branch.
Cassidy also referred to the second breach involving background investigations, noting, “In addition, the background investigation files of individuals holding security clearances (whether currently active or not) may have been exposed.” Both offices said they would continue to monitor the situation.
Niels Lesniewski, Emily Cahn and Emma Dumain contributed to this report.