A hacker stole sensitive employee data from the Federal Emergency Management Agency (FEMA) and Customs and Border Protection (CBP) in a breach that lasted weeks this summer, according to an internal FEMA assessment obtained by CNN.
The intruder exploited Citrix software, a common gateway into federal networks, and gained access to FEMA systems across New Mexico, Texas, and Louisiana.
Earlier this year, a hacker managed to gain access to the computer networks of the FEMA and stayed in them for several months, stealing data about FEMA and US CBP employees.#hack #cybersecurity #FEMA #databreach #US https://t.co/tlqPDcGY0j
— Cybernews (@CyberNews) September 30, 2025
Homeland Security Secretary Kristi Noem has fired two dozen FEMA IT officials, including top executives, citing “severe lapses in security.”
In August, Noem had claimed no sensitive data was taken, but by September 10 a DHS task force confirmed the theft.
DHS chief Kristi Noem fires two dozen FEMA employees after ‘massive’ cyber failures https://t.co/u6oykuo7sR pic.twitter.com/VOaNDpguIr
— New York Post (@nypost) August 29, 2025
The firings have stirred controversy, with some FEMA veterans defending the ousted officials as competent and respected.
Critics allege Noem is using the breach as cover for a wider purge following staff opposition to Trump administration reforms. The breach highlights persistent weaknesses in federal cybersecurity defenses.
Also read:
TIPP Staff
