Homeland Security Secretary Kristi Noem has fired two dozen FEMA IT personnel, including some senior leaders, for allegedly violating security procedures, allowing sensitive data to be compromised, and lying when confronted about it..
“FEMA’s career IT leadership failed on every level. Their incompetence put the American people at risk,” said Secretary Noem. "When DHS stepped in to fix the problem, entrenched bureaucrats worked to prevent us from solving the problem and downplayed just how bad this breach was. These deep-state individuals were more interested in covering up their failures than in protecting the Homeland and American citizens’ personal data, so I terminated them immediately. The American people deserve results from their government.”
I have to admit that seeing federal IT types fired for incompetence does give me hope that there is a new day dawning in Civil Service.
At this point, the details are sketchy, but given Noem's nuclear response, I have to assume there were massive problems. This is how DHS describes it.
While conducting a routine cybersecurity review, the DHS Office of the Chief Information Officer (OCIO) discovered significant security vulnerabilities that gave a threat actor access to FEMA’s network. The investigation uncovered several severe lapses in security that allowed the threat actor to breach FEMA’s network and threaten the entire Department and the nation as a whole.
The entrenched bureaucrats who led FEMA’s IT team for decades resisted any efforts to fix the problem. Instead, they avoided scheduled inspections and lied to officials about the scope and scale of the cyber vulnerabilities.
Failures included: an agency-wide lack of multi-factor authentication, use of prohibited legacy protocols, failing to fix known and critical vulnerabilities, and inadequate operational visibility.
FEMA spent nearly half a billion dollars on IT and cybersecurity measures in Fiscal Year 2025 alone and delivered virtually nothing for the American people. Despite burning hundreds of millions of taxpayer dollars, FEMA’s IT leadership still neglected its basic duties and exposed the entire Department to cyberattacks.
According to a FEMA spokesman, "DHS was able to identify and finally get the bad actor. But they turned off their credentials and then, somehow, the FEMA IT team turned their credentials back on.”
The speculation is that the hackers were based in China and targeted Microsoft SharePoint servers.
While Secretary Noem may be correct that the American people got nothing for the expenditure of half a billion dollars, that isn't to say that the money bought nothing. It padded the resumes of the people allegedly overseeing the contracts, employed contractors, and likely purchased equipment that hasn't been installed. That contractor money, in return, probably went to well-heeled Democrat donors. So, it wasn't a total loss, after all.
While the proximate cause of the firing of the Dirty Two Dozen was a failed response to a cyberattack, it is all a part of Trump's and Noem's efforts to convert the bloated, effervescent puddle of FAIL that is FEMA into an effective agency. We had a demonstration of just how inept FEMA is at carrying out anything that doesn't resemble a coffee break or nap time last summer during Hurricane Helene.
RELATED:
FLASHBACK: Was FEMA Punishing Trump Supporters in North Carolina? – RedState
The administration seems to be making some progress; see After Decades of Failure, the Trump Administration is getting FEMA Back on Track | Homeland Security.
Two additional stray threads. Earlier this week, Secretary of Defense Pete Hegseth took action to keep vendors located in China from making changes to DOD cloud computing systems. In the process, he intimated that DOD was working with other agencies, which suggests that the problem is a government issue, rather than a DOD issue. It would be interesting to know if foreign nationals also maintain FEMA's IT systems; see Did Pete Hegseth Just Save the Day, Or Is He a Contender for the 'Too Little, Too Late' Award? A second possible data point comes from the U.S. Navy: Navy's top cybersecurity official abruptly leaves.
The Department of the Navy’s chief information officer left her post after nearly two years. Jane Overslaugh Rathbun, who served as the Department of the Navy’s top expert for cybersecurity, electromagnetic threats and privacy, suddenly announced her retirement last week. She is the latest senior Navy official to leave or be fired this month.
Rathbun shared the news in a LinkedIn post on Aug. 22, saying that it was hard to sum up more than three decades working in national security.
“It is with gratitude, pride, and humility that I close out this chapter of my career as a civil servant,” she wrote.
In her post, Rathbun did not give a reason for why she was retiring or if she was leaving the post immediately. However, a Navy official confirmed to Task & Purpose that she has since left her position.
While the events may not be related, Hegseth pulling the plug on Chinese vendors, Noem firing two dozen FEMA IT people over security issues, and the abrupt, no-notice retirement of the Navy's top cybersecurity official seem too closely related to be explained by mere serendipity.
We are in a death struggle with the forces of progressivism and the Deep State that acts as its guardian. As the Trump administration struggles to uproot the people and policies that have put our liberty and nation at risk, it is resisted at every turn. You can do your part by staying informed of the issues. Join RedState VIP and help continue our coverage to keep you abreast of the fight. Use promo code FIGHT to get 60% off your membership.