Katherine Archuleta and the Accountability ProblemPosted: June 23, 2015
Senators are continuing their call for the ouster of Katherine Archuleta, director of the Office of Personnel Management, where cyber hackers stole the records of millions of people
Lisa Rein writes: The federal personnel chief said Tuesday that she does not believe “anyone is personally responsible” for the massive hack of federal employee data and security clearance files and instead blamed the breach on old computer systems and the hackers themselves.
“If there’s anyone to blame, it’s the perpetrators. Their concentrated, very well-funded efforts to come into our system are what we’re concerned about.”
— Katherine Archuleta, director of the Office of Personnel Management
“We have legacy systems that are very old,” Katherine Archuleta, director of the Office of Personnel Management, told Senate lawmakers at a hearing on the intrusion. “It’s an enterprise-wide problem. I don’t believe anyone is personally responsible.”
She then told Sen. Jerry Moran (R-Kan.), who pressed her repeatedly to take responsibility for failing to shore up the agency’s computer security, that the attackers are the ones to blame.
“We have legacy systems that are very old. It’s an enterprise-wide problem. I don’t believe anyone is personally responsible.”
— Katherine Archuleta
“If there’s anyone to blame, it’s the perpetrators,” Archuleta said. “Their concentrated, very well-funded efforts to come into our system are what we’re concerned about.”
Her comments before lawmakers on the Senate Appropriations Committee were the first public pushback against a growing chorus of lawmakers, federal employees — and today, presidential candidate Jeb Bush — who have called on Archuleta to resign following the intrusion. She still has the support of President Obama, the White House said last week, but she is coming under increasing scrutiny as many of the 4.2 million active and former federal workers who’ve been affected by the attack say OPM has fumbled its response.
“So to date you don’t consider anyone at OPM to be personally responsible [for the attack]?” Moran asked her. “Or is this simply a problem with the system and no one in particular is responsible?”
Archuleta responded, “I’m as angry as you are that this has happened at OPM. But cybersecurity is the responsibility of all of us.”
Asked to address the growing complaints about long hold times and other customer service problems with the private contractor OPM hired to offer victims of the hack credit monitoring and other security protections, Archuleta said her agency is “demanding from our contractor that they improve their services.”
“I’m as angry as you are that this has happened at OPM. But cybersecurity is the responsibility of all of us.”
“I am as angry as you are about that,” she told Sen. John Boozman (R-Ark.), chairman of the committee’s financial services and general government panel. “I want to be sure they are doing everything they can to improve those wait times. Employees should not have to experience that.”
CSID, which operates three call centers and is sending notifications to employees, is a subcontractor of Winvale, which won a $21 million contract this month to notify victims of the data breach that their employment information, from Social Security numbers to life insurance beneficiaries, may be compromised. A Winvale spokesman has said CSID is adding staff at its call centers, but offered no details about the expansion and whether taxpayers are footing the bill….(read more)