WASHINGTON — Homeland Security Secretary Kristi Noem fired two dozen Federal Emergency Management Agency (FEMA) employees Friday following “massive” cybersecurity failures that compromised government networks and put operations “at risk.”
The ousted employees include FEMA Chief Information Officer Charles Armstrong, Chief Information Security Officer Gregory Edwards and 22 other IT workers at the agency, reps told The Post.
“FEMA’s career IT leadership failed on every level. Their incompetence put the American people at risk,” Noem said in a statement.
“When DHS stepped in to fix the problem, entrenched bureaucrats worked to prevent us from solving the problem and downplayed just how bad this breach was.”
Noem stated that the agency’s network was accessed by “a threat actor” after ordering a cybersecurity review at FEMA.
“Are we lucky,” a FEMA spokesperson added, “no actual American citizens were impacted? Yes, but it’s a huge flaw.”
“DHS was able to identify and finally get the bad actor,” the rep said. “But they turned off their credentials and then, somehow, the FEMA IT team turned their credentials back on.”
It’s unclear whether the threat came from a foreign actor, though the Department of Homeland Security was one of several agencies using Microsoft software to be targeted by Chinese state-linked actors last month.
“As of this writing, Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon exploiting these vulnerabilities targeting internet-facing SharePoint servers,” the company wrote in a July 23 blog post.
The Beijing-sponsored hackers also breached SharePoint software used by the National Nuclear Security Administration, which is responsible for maintaining and modernizing the nation’s stockpile of nuclear weapons.
FEMA spent nearly half-a-billion dollars on IT and cybersecurity in fiscal year 2025.
DHS spokespeople said that the IT team “lied to officials about the scope and scale of the cyber vulnerabilities” and “avoided scheduled inspections.”
FEMA also was not using multi-factor authentication and ignoring other “cirtical vulnerabilities.”
“These deep-state individuals were more interested in covering up their failures than in protecting the Homeland and American citizens’ personal data, so I terminated them immediately,” Noem added. “The American people deserve results from their government.”
Read the full article here