Less than a month after the director of the Office of Personnel Management resigned over accusations that she mismanaged the agency's cybersecurity and response to a pair of massive hacks, House Oversight Committee Chairman Jason Chaffetz is going after her cybersecurity deputy.
Donna Seymour is OPM's chief information officer, a position in which she worked closely with the former director, Katherine Archuleta, to deal with the fallout of the data breaches. Archuleta resigned on July 10, but Seymour stayed on as a new acting director was installed.
Chaffetz sent a letter Thursday to the acting director, Beth Cobert, asking her to remove Seymour from her post.
The Utah Republican cited a letter he received from the OPM Office of the Inspector General sent this week, which said, "There have been situations where actions by the [Office of the Chief Information Officer] have interfered with, and thus hindered, the OIG's work. Further, the OCIO has repeatedly provided the OIG with inaccurate or misleading information."
Chaffetz, who in June was joined by 17 Republican representatives in calling for both Archuleta and Seymour to resign, said in the letter to OPM Thursday that the OIG's comments drove him to renew his demand.
"Ms. Seymour has already failed the American people with her inability to secure OPM's networks, and to learn that her office may be actively interfering with the work of the Inspector General only adds insult to injury," Chaffetz wrote.
OPM spokesman Sam Schumach defended Seymour in a statement that noted her nearly 40 years of government work and an award for distinguished service from the Secretary of the Navy. "Since Ms. Seymour's arrival at OPM in late 2013, OPM has undertaken an aggressive effort to upgrade the agency's cybersecurity posture, adding numerous tools and capabilities to its various legacy networks," the statement read. "These efforts were critical in helping OPM to identify the recent cybersecurity incidents."
The two cyberattacks on the OPM, which took place over the last year but were not discovered until April and May, respectively, compromised more than 22 million individuals' personal information. The larger of the two breaches affected Social Security numbers, names, addresses, and even over a million fingerprints.
After the breaches, OPM accelerated security updates and procedures, releasing a report on its progress in June that said the agency was actively working to secure and modernize its systems.
This article has been updated with a statement from an OPM spokesperson.
We want to hear what you think about this article. Submit a letter to the editor or write to letters@theatlantic.com.
