Homeland Security Secretary Kristi Noem announced Friday the dismissal of two dozen Federal Emergency Management Agency employees over what she called “massive” cybersecurity failures that compromised government networks and jeopardized operations.
Among those fired were FEMA Chief Information Officer Charles Armstrong, Chief Information Security Officer Gregory Edwards, and 22 IT staffers.
“FEMA’s career IT leadership failed on every level. Their incompetence put the American people at risk,” Noem said in a statement. “When DHS stepped in to fix the problem, entrenched bureaucrats worked to prevent us from solving the problem and downplayed just how bad this breach was.”
The cybersecurity breach was discovered after Noem ordered a review of FEMA’s systems, according to the New York Post. Officials reported that a “threat actor” gained access to the agency’s network; however, it is still unclear if the intrusion was from a foreign source. A FEMA spokesperson said, “Are we lucky no actual American citizens were impacted? Yes, but it’s a huge flaw.”
Homeland Security officials said they removed the threat actor but later found FEMA IT staff had reactivated compromised credentials. DHS sources accused the dismissed employees of downplaying vulnerabilities and evading scheduled inspections.
The incident comes amid heightened concern over Chinese state-linked cyberattacks on U.S. government networks. Microsoft said two Chinese state-backed groups, Linen Typhoon and Violet Typhoon, exploited SharePoint vulnerabilities last month to target agencies including the National Nuclear Security Administration.
FEMA, which spent nearly $500 million on IT and cybersecurity in fiscal 2025, was also running on Microsoft software. For her part, Noem emphasized the seriousness of the failures.
“These deep-state individuals were more interested in covering up their failures than in protecting the Homeland and American citizens’ personal data, so I terminated them immediately,” she said. “The American people deserve results from their government.”
DHS Secretary Kristi Noem faulted FEMA for failing to adopt basic cybersecurity measures such as multi-factor authentication and other safeguards. The dismissed staff were accused of minimizing the breach to DHS officials, delaying its resolution, and putting sensitive systems at risk.
FEMA has faced mounting criticism in recent years over IT security lapses and its readiness for national emergencies. Noem’s firings represent one of the most sweeping actions against the agency’s leadership in years, signaling a push for tighter oversight and accountability.
