Katherine Archuleta, the head of Office of Personnel Management who has been under fire since revelations that millions of people’s personal data was compromised by hackers, is resigning.
Around midday Friday, Archuleta released a statement saying, “This morning, I offered, and the President accepted, my resignation.”
Her last day on the job will be today. The role of acting director will be filled by Beth Cobert, a former director at consulting firm McKinsey & Company who has led the Obama administration’s efforts to improve the OPM’s efficiency.
In her statement, Archuleta explained that it’s “best for me to step aside and allow new leadership to step in, enabling the agency to move beyond the current challenges and allowing the employees at OPM to continue their important work.”
Calls for Archuleta’s resignation began last month as the scope of the intrusions into the OPM’s databases became evident. At the same time, critics pointed out that the federal agency’s inspector general had warned that the systems were very vulnerable.
Archuleta is stepping down after weeks of scrutiny — and one day after her agency said the data breach was worse than many expected.
On Thursday, the OPM said that the breaches — which affect not only federal workers but also people who are listed as references on their security clearance records — included the Social Security numbers of 21.5 million people.
“OPM says the breach of 21.5 million records ‘is separate but related to a previous incident’ in which it identified 4.2 million current and former federal employees who had their records stolen,” as NPR’s Brian Naylor reported.
That earlier incident became public knowledge on June 4, when the OPM announced that a cyber attack in April had resulted in names, dates of birth, current and former addresses and other information being harvested by hackers.
Here’s Brian reporting on June 16, about congressional hearings on the data breach:
“House Oversight Committee Chairman Jason Chaffetz, R-Utah, said the inspector general’s office had said earlier that OPM’s computer security was so bad some of the systems should be shut down. His voice rising, Chaffetz told Archuleta, ‘your systems were vulnerable, the data was not encrypted, it could be compromised, they were right!’ Chaffetz went on, ‘last year they recommended it was so bad that you shut it down and you didn’t and I want to know, why?’
“Archuleta said some of the OPM computers were too old to handle encryption, and that shutting down the systems would have created payroll and benefit problems.”
After Archuleta resigned, Rep. Chaffetz issued a statement saying, “This is the absolute right call. OPM needs a competent, technically savvy leader to manage the biggest cybersecurity crisis in this nation’s history.”
He added, “This should have been addressed much, much sooner but I appreciate the President doing what’s best now.”