Office of Personnel Management Director Katherine Archuleta resigned under pressure on Friday, a day after Obama administration officials announced that two major breaches last year of U.S. government databases holding personnel records and security-clearance files exposed sensitive information about at least 22.1 million people.
Archuleta, who had been leading the personnel agency for just 17 months, had been under fire from Republicans and Democrats in Congress and federal employee unions in the five weeks since she disclosed a massive hack of the employment files of 4.2 million current and former federal employees. But calls for her resignation grew late Thursday after administration officials revealed the full scope of a second hack that compromised background investigation files of federal employees, contractors, applicants and their families.
In an e-mail to her staff Friday morning, Archuleta wrote, “I conveyed to the President that I believe it is best for me to step aside and allow new leadership to step in, enabling the agency to move beyond the current challenges and allowing the employees at OPM to continue their important work.”
The White House announced that Beth Cobert, deputy director for management at the Office of Management and Budget, will take over the personnel agency in an acting role until President Obama appoints a permanent replacement. OPM has not had a deputy director since 2011; the president’s nominee for the No.2 job has been held up in Congress for many months.
Archuleta resigned “of her own volition,” White House press secretary Josh Earnest told reporters Friday. “The president thinks it’s quite clear that new leadership with a set of skills and experiences that are unique to the urgent challenges that OPM faces are badly needed.”
Before Obama nominated her to lead the otherwise obscure personnel agency, Archuleta was national political director for the president’s reelection campaign. She ranked among the administration’s prominent Latinas.
Earnest declined repeatedly to say that Archuleta’s resignation reflected a failure by the administration to manage the massive intrusions, which are believed to have been carried out by the Chinese government.
“There are significant [cybersecurity] challenges that are faced not just by the federal government, but by private-sector entities as well,” Earnest said. “This is a priority of the president.”
OPM’s chief information officer, Donna Seymour, who also was roundly criticized on Capitol Hill for failing to move quickly enough to shore up the agency’s defense against intruders, apparently will remain in her post.
“This is the right move for the agency and all those affected by the breach,” Sen. Mark Warner (D-Va.) said in a statement. “The focus now needs to be on fixing the problem and protecting those impacted.” On Thursday, Warner became the most prominent Democrat on Capitol Hill to call on Archuleta to step down.
Even as late as Thursday, she was resisting the calls, defending her efforts to modernize what she called “legacy” computer systems. Archuleta and others in the Obama administration said they discovered the breachesbecause of improvements they made to OPM’s cyber security under her leadership.
But Thursday’s disclosure that the breach of sensitive security clearance data was so vast, making it among the most potentially damaging cyber-heists in U.S. government history because of the abundant detail in the files, seemed to be the last straw.
By many accounts, Archuleta had seemed unsteady at four congressional hearings on the intrusions and failed to defend herself against criticism from lawmakers, much of it withering. Her agency’s inspector general only added to her problems, criticizing the agency’s slowness to shore up its computer networks. The private contractor OPM hired quickly to notify employees whose employment data may have been compromised was criticized for poor customer service, with long wait times for callers and repeated system crashes.
“I believe the steady drip, drip of bad news made this inevitable,” said Rep. Gerald Connolly (D-Va.), who had criticized Archuleta and the administration’s response to the breaches but stopped short of saying she should go.
Connolly said he believes “there are much bigger issues” involved in this breach “that the federal government and Congress must address,” including organized Chinese cyber attacks, the lack of investment in IT resources and the need to retire antiquated legacy systems.
House Oversight Committee Chairman Jason Chaffetz (R-Utah), who called for Archuleta’s resignation in June after berating her at the first hearing on the data breach, said in a statement, “OPM needs a competent, technically savvy leader to manage the biggest cybersecurity crisis in this nation’s history…. In the future, positions of this magnitude should be awarded on merit and not out of patronage to political operatives.”
Archuleta, a Colorado native, served as chief of staff to former labor secretary Hilda Solis and held positions at the Energy and Transportation departments. She has long been a force in Colorado’s Hispanic community.
She was confirmed in November 2013. Although she had no substantial background in directing large information technology projects, she made technology upgrades one of her priorities.
On her watch, OPM finalized a policy allowing retirement-eligible federal employees to phase into retirement by changing to part-time work while collecting a partial annuity. She launched a “recruitment, engagement, diversity and inclusiveness” initiative that responded in part to annual surveys showing poor morale among federal employees. She emphasized career development programs for employees seeking to move into the senior executive ranks and, under a White House order, expanded employees’ opportunities to use advance leave for family purposes, including for childbirth.
She also continued earlier administration initiatives to increase the representation of veterans and the disabled in the federal workforce.
Mose recently, OPM told agencies to limit their use of “administrative leave,” which is paid time off from work without a charge to vacation time. That followed a Government Accountability Office report finding that some employees have been put on such leave for months or even several years while disciplinary action is pending against them.
Richard G. Thissen, president of the National Active and Retired Federal Employees Association, said in a statement that the administration’s first priority “must be to protect federal employees, retirees and their loved ones impacted by the breaches. We hope Ms. Cobert heeds our request for lifetime [credit monitoring and identity theft] protection.”
Thissen also called on Cobert to “improve communications between OPM and federal employees and retirees and the groups that represent them.”
Eric Yoder contributed to this report.