A team that was recently removed from the Department of Health and Human Services (HHS) was responsible for managing over a hundred contracts valued at hundreds of millions of dollars, including important cybersecurity licenses. This team also handled the renewal of contracts for numerous specialized contractors performing essential duties for the department, such as cybersecurity contractors working at the Computer Security Incident Response Center (CSIRC). The CSIRC, a vital element of HHS’s cybersecurity program, is overseen by the chief information security officer and is the only entity with visibility across the entire departmental network. Positioned in Atlanta, the CSIRC is charged with monitoring the entire HHS network to prevent, detect, report, and respond to cybersecurity incidents.
The facility is often referred to as the “nerve center” of the department, as it maintains direct connections with the Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), the Defense Health Agency, and the intelligence community, according to a source. The contractors offer continuous coverage through three eight-hour shifts daily, monitoring for potential outages or attacks. Contracts for these services are scheduled to expire on June 21. Although renewal is possible, uncertainty remains about who is authorized to undertake the renewal or has the necessary knowledge to do so, given the absence of the office managing these processes.
Compounding the issue, the General Service Administration has decided to terminate the CSIRC’s lease in Atlanta, effective December 31, 2025. Several cybersecurity and monitoring tools used by contractors for network surveillance are also due for renewal in the coming months.
If these challenges are not addressed, the department might become vulnerable to external actors accessing significant databases containing public health information, sensitive drug testing clinical trial data from institutions such as the NIH or FDA, or various organizations’ mental health records, as per the concerns raised by a source.
Before the reduction in force (RIF), some administrative staff engaged with operatives from Elon Musk’s so-called Department of Government Efficiency (DOGE), including Clark Minor, a software engineer with over a decade of experience at Palantir who has been appointed as the department’s chief information officer. An employee recounted that Minor appeared overwhelmed by HHS’s vast scale, noting that his online résumé lacks experience in federal government operations. Minor has not yet provided transition guidance to remaining HHS staff, mention two sources. He did not respond to requests for comment from WIRED.
Reports from HHS sources indicate that internal systems are already beginning to falter. An employee responsible for facilitating agency travel noted that the RIF has regressed federal travel processes to those in place before the implementation of the Electronic Travel System contract in 2004.
