Two additional employees of the Federal Emergency Management Agency (FEMA) have been dismissed after being found to have used government equipment for sexually explicit activities at classified government facilities, according to Department of Homeland Security (DHS) Secretary Kristi Noem.
The DHS Insider Threat Program (ITP) uncovered that these FEMA staff members sent graphic messages, accessed adult websites, and in one instance uploaded an explicit image to an online sex platform using official devices. The conduct occurred during work hours and involved use of FEMA-assigned devices connected to agency networks.
“This behavior and misuse of government resources is absolutely disgusting.” said Secretary Kristi Noem. “The revolting actions of these employees, now the second group to be caught at FEMA engaged in such acts, represents a clear national security risk. These employees, who had access to highly sensitive systems, spent their duty hours sexting strangers, including foreign nationals, on encrypted government devices. Such conduct is unacceptable, and these employees have been terminated.”
On August 27, 2025, the ITP identified that a FEMA employee had accessed Facebook Messenger through the FEMA network for multiple sexually explicit conversations with someone believed to be in the Philippines. The reviewed messages included graphic content and references to a Filipino dating group as well as plans for overseas travel later this year. This incident follows another recent case at Mount Weather Emergency Operations Center where two other FEMA staff were also fired for similar misconduct.
Between August 30 and 31, 2025, another employee used his government workstation to visit an adult website where he engaged in graphic conversations and uploaded an explicit image. All activity was confirmed by DHS officials as having taken place during duty hours from a FEMA device on an unclassified network.
DHS stated it is continuing comprehensive investigations into employee conduct within FEMA and reviewing its internal policies and monitoring protocols related to network activity and security clearances.
