WASHINGTON — U.S. Office of Personnel Management chief Katherine Archuleta resigned on Friday, a day after the Obama administration said massive computer hacks at the government agency had put the personal data of more than 21 million people at risk.
The White House, facing harsh criticism from Republicans in Congress, said Archuleta had stepped down and that OPM was stepping up cybersecurity measures, such as limiting the number of “privileged users” of computer data.
“I conveyed to the president that I believe it is best for me to step aside and allow new leadership to step in,” Archuleta said in a statement.
The latest hacking revelation at OPM is in addition to one affecting data on about 4.2 million current and former federal workers that was stolen in what the office called a “separate but related” hacking incident.
Because many of the same people were affected by both hacks, the total comes to 22.1 million people. That means almost 7 percent of the U.S. population was susceptible to personal data theft in one of the most damaging cybersecurity breaches ever.
Beth Cobert, currently working in the White House budget office, will assume the role of acting director of the personnel office. Archuleta’s resignation will be effective at the end of Friday, the White House said.
Her departure was not expected to solve the agency’s technological problems, but congressional overseers said it was a step in that direction.
Social Security numbers and other sensitive information was stolen from OPM databases in the sweeping computer intrusions.
The United States has identified China as the leading suspect in the hacking of the U.S. government agency, but China’s Foreign Ministry has dismissed that as “absurd logic.”
Archuleta’s departure comes a day after House Speaker John Boehner, a Republican, issued a statement saying that he had “no confidence” in OPM’s current leadership.
Bruce Poliquin agreed.
“The resignation of OPM Director Katherine Archuleta is the right move in order to regain Mainers trust,” Poliquin said in a news release Friday. “This move will help give Mainers and the American people confidence that the Administration is taking this data breach seriously and will work to help those whose private information has been stolen. As a member of the Cybersecurity Caucus, I will continue to monitor this situation as more information becomes available and will be sure to hold the Administration accountable.”
Last month, Republican U.S. Sen. Susan Collins described to BDN readers in detail how wide swaths of her personal information had been compromised in the cyberattack. The data breach was reported at the time to have affected at least 4 million past and current federal workers, though Collins hinted at the time that the actual number was much higher.
Collins on Thursday reacted angrily to the news.
“It is unacceptable that OPM officials for weeks maintained that only 4.2 million Americans were affected, disputing the FBI’s assertion that the real number was 18 million,” said Collins in a written statement. “In the latest statement, OPM officials implausibly assert that ‘there is no information at this time to suggest any misuse or further dissemination of the information that was stolen from OPM’s systems.’ That incredible statement, which implies that the perpetrators of this lengthy and extensive attack have no intention of using the stolen data, suggests that OPM has yet to come to grips with the gravity of this cyber-attack.”
On Friday, Collins said, “New leadership at OPM sends an important signal that senior leadership throughout the Obama Administration must place a greater priority on cybersecurity and be accountable for the protection of their information systems, particularly those that hold sensitive personal data. I hope that OPM’s new leadership will heed the warnings and recommendations of its own watchdog, the Inspector General, in order to minimize the chance that such catastrophic and unacceptable intrusions occur in the future.
“It is time for Congress to pass a cybersecurity law that will strengthen our defenses and improve critical communication and cooperation between the private sector and government. We must do more to combat these dangerous threats in both government and the private sector.”
Archuleta also was buffeted by criticism from some Democrats. Sen. Mark Warner on Thursday accused her of a “slow and uneven response” to the data breach.
On Friday, Boehner, citing chronic problems at the Veterans Administration that led to the resignation of Secretary Eric Shinseki last year, said “a change in personnel does not always lead to real change” and Obama must “repair” the problem at OPM.
Obama appointed Archuleta to the top OPM job in May 2013 and she was sworn in the next November, becoming the first Latina to head the federal agency.
The computer hacks at OPM, coupled with computer glitches this week that disrupted operations at both the New York Stock Exchange and United Airlines, have raised serious concerns in Congress that the federal government needs to do more to improve and safeguard computer systems.
BDN writer Christopher Cousins contributed to this report.