Donna Seymour, who served as chief information officer for the Office of Personnel Management during a series of catastrophic breaches of federal personnel and background check records in 2014, announced her retirement Monday.
After the hacks — which compromised the personal information of more than 22 million Americans, including current and former federal employees as well as security clearance applicants and those close to them — House GOP lawmakers targeted Seymour, pushing for her to resign because of her responsibility in the incidents and alleged interference with the OPM inspector general during its subsequent investigations.
“Ms. Seymour has already failed the American people with her inability to secure OPM’s networks, and to learn that her office may be actively interfering with the work of the Inspector General only adds insult to injury,” Utah’s Jason Chaffetz, the Republican chairman of the House Committee on Oversight and Government Reform, wrote in a letter to OPM acting Director Beth Cobert in August 2015.
A nearly 40-year federal employee hired as OPM CIO in December 2013, Seymour announced her departure in a note to staff Monday. She was scheduled to appear before Chaffetz’s committee Wednesday for another round of questioning in its investigations into the hacks.
“Leaving OPM at this time was a very tough decision for me, but I feel it is in the agency’s best interest that my presence does not distract from the great work this team does every single day for this agency and the American people,” she wrote.
In her note, Seymour doesn’t directly reference the breaches, but talks of the “array of aging systems” she faced upon arriving at OPM and how she’s proud of the work her team did since, “to make OPM a leader in cyber response for the Federal government” and making initial strides to modernize its infrastructure. She had served less than year when the breaches occurred in 2014.
In a separate email to the OPM workforce, Cobert — whose predecessor, Katherine Archuleta, resigned amid the fallout of the breaches last July — similarly looks fondly upon Seymour’s service as CIO.
[Read more: Chaffetz calls for OPM CIO’s job.]
Seymour “inherited enormous information technology challenges that were years in the making,” Cobert wrote.
“Donna made significant progress in addressing those challenges. She helped modernize and enhance the security of OPM’s IT systems, revamped the CIO’s office, brought in new talent, consolidated and elevated the role of IT security, and worked to obtain the tools, resources and interagency expertise needed to improve OPM’s capabilities. Although we have more work to do to continue that progress, OPM’s IT infrastructure and security are in a better place today because of Donna’s efforts.”
U.S. Chief Information Officer Tony Scott agreed, noting that it was Seymour’s team that had identified the breach in the first place. “Throughout her distinguished 37-year career in public service, and most recently at OPM, Donna Seymour led successful efforts to modernize and enhance the federal government’s cybersecurity and elevate the critical importance of IT security,” Scott wrote in a statement emailed to reporters.
“Indeed, it was because of Donna and her team’s actions that OPM identified the cyber breach of its systems. In the subsequent weeks and months, they worked tirelessly to remediate the situation and embarked on the hard and necessary work to further improve the state of IT at OPM.
“We are in a significantly better place today because of Donna,” Scott concluded. “I wish her all the best.”
Chaffetz responded quite differently to the news.
“Ms. Seymour’s retirement is good news and an important turning point for OPM,” Chaffetz said in a statement. “On her watch, whether through negligence or incompetence, millions of Americans lost their privacy and personal data. The national security implications of this entirely foreseeable breach are far reaching and long lasting. OPM now needs a qualified CIO at the helm to right the ship and restore confidence in the agency.”
Chaffetz’s colleague, Rep. Will Hurd, R-Texas, piled on, lambasting the former DOD official for “her refusal to follow best practices and take responsibility initially” for the breach.
“The next OPM CIO must have a strong understanding of basic cyber hygiene and the willingness to do what it takes to get this problem fixed. I look forward to working with Acting Director Cobert and the next CIO to secure OPM’s systems,” concluded Hurd, who heads Oversight’s IT subcommittee.
Committee ranking member Rep. Elijah Cummings, D-Md., though, balanced his Republican counterparts’ criticism of the retiring Seymour.
“During the Oversight Committee’s work over the past year, we have heard from numerous experts inside and outside the agency who have commended Ms. Seymour for her professionalism, her competence, and her aggressive response to the OPM data breach,” Cummings said. “Unfortunately, efforts by Republicans to blame her for the cyber attack on OPM are both unfair and inaccurate, and they set a terrible precedent that will discourage qualified experts from taking on the challenges our nation faces in the future.”
Contact the reporter on this story via email at Billy.Mitchell@FedScoop.com or follow him on Twitter @BillyMitchell89. Subscribe to the Daily Scoop to get all the federal IT news you need in your inbox every morning at fdscp.com/sign-me-on.
Reporter Greg Otto contributed to this story.