Transition

OPM inspector general will examine DOGE access to IT systems

The agency’s watchdog said it will look into “specific emerging risks” related to issues highlighted in a February letter from House Oversight Democrats.

By Matt Bracken

March 10, 2025

Listen to this article

0:00

This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment.

OPM's Washington, D.C., headquarters. (Billy Mitchell)

An Office of Personnel Management watchdog investigation into cybersecurity risks on government networks and the potential exposure of sensitive information will include an examination of DOGE access to those systems.

OPM’s Office of Inspector General said in a letter to Democrats on the House Oversight Committee that it would incorporate “parts” of the lawmakers’ February request to probe DOGE’s unauthorized accessing of IT networks and Americans’ data into “existing work.” The watchdog also said it had “initiated a new engagement on specific emerging risks at OPM that are related to issues raised” in Democrats’ letter.

In that letter, Democrats led by House Oversight Committee ranking member Gerry Connolly of Virginia cited DOGE incursions into OPM, General Services Administration, USAID and Treasury Department networks, which they said raised “serious questions about the security protocols in place to safeguard sensitive government information and the potential for unauthorized access and misuse by private citizens without requisite clearance or any legitimate reason to access this information.”

The Democrats urged OPM’s OIG to coordinate with inspector generals across the government to “address these potential threats to national security.”

In the response letter dated Friday, Deputy Inspector General Norbert E. Vint said his office scrutinizes many of the issues raised by Democrats tied to OPM’s IT and financial systems as part of annual reviews, part of the watchdog’s oversight responsibilities “required by statute” and “based on developing risks identified through our ongoing risk assessment efforts.”

“We have also just begun an engagement to assess risks associated with new and modified information systems at OPM,” Vint wrote. “We believe that, ultimately, our new engagement will broadly address many of your questions related to the integrity of OPM systems. We will provide you with an update once we have completed our review.”

OPM was at the center of a week-one Trump administration IT controversy when a new server was set up to send mass emails to the entire federal government workforce. A class-action lawsuit was filed against the agency over whether it had properly conducted a privacy impact assessment before launching the server. Last week, it was revealed that OPM had quietly swapped out its privacy assessment for the system amid the ongoing litigation.

House Oversight Democrats on Monday applauded the OPM watchdog’s decision to dig deeper into the potential cybersecurity risks caused by DOGE’s burrowing into agency IT systems.

“Inspectors General must have the independence to carry out their mission free from partisan pressure and threat,” Connolly said in a press release. “That is the only way these government watchdogs can conduct their important work on behalf of the American people. The work of the Deputy Inspector General and the OPM Office of Inspector General must be allowed to proceed unimpeded.”