US OPM boss quits after hackers stole chapter and verse on 21.5m Americans' lives
Katherine Archuleta bows out after two years in the job
The director of the US Office of Personnel Management has handed in her resignation in the wake of further revelations about the scale of the hacking attack on the agency.
"This morning, I offered, and the President accepted, my resignation as the Director of the Office of Personnel Management," she said in a statement.
"I conveyed to the President that I believe it is best for me to step aside and allow new leadership to step in, enabling the agency to move beyond the current challenges and allowing the employees at OPM to continue their important work."
Last month, the OPM admitted that the personnel records of 4.1 million federal government employees had been stolen from its servers by hackers unknown. Then on Thursday the OPM revealed that an additional 21.5 million dossiers, including fingerprints and extensive background checks for security clearances, had been filched by hackers. The intruders had spent six months in the agency's servers.
The ensuing investigation showed a pathetic level of security within the OPM. Many of its servers are so antiquated they can't run encryption and modern security software, two-factor authentication is seldom used, and the agency wasn't even sure how many computer networks it had.
Archuleta has only been in the job for two years and had been implementing a plan to bring the OPM's networks up to scratch, albeit slowly. She faced harsh criticism for refusing to shut down servers identified by the US Inspector General as unsafe, and there have been numerous legislators calling for her scalp.
But as late as yesterday evening Archuleta was saying that she had no intention of resigning and would stay on to sort out the mess. It's clear that others disagreed and she has decided to step down rather than be fired.
"I am honored to have led this organization and to have served alongside the incredible team at OPM. I have complete confidence in their ability to continue to fulfill OPM’s important mission of recruiting, retaining, and honoring a world-class workforce to serve the American People," she said. "I conveyed to the president that I believe it is best for me to step aside and allow new leadership that will enable the agency to move beyond the current challenges and allow the employees at OPM to continue their important work."
The identity of the hackers isn't known, but James Clapper, Director of the National Intelligence, has said that China is the number one suspect. Former National Security Agency director Michael Hayden agrees, and said that the OPM was a legitimate target that he'd have hacked "at the speed of light" if he could get into the equivalent Chinese agency.
China has denied any involvement in the OPM hack, saying that the US should stop making "groundless accusations." ®
Sponsored: Becoming a Pragmatic Security Leader