In a dramatic reversal, a federal judge has ordered the reinstatement of more than 130 probationary employees who were abruptly terminated from the Cybersecurity and Infrastructure Security Agency (CISA) last month. The sweeping decision, handed down by Maryland U.S. District Judge James Bredar, follows mounting legal pressure on the Trump administration over the mass firings that rocked the nation’s top cyber defense agency.
The affected employees, many of whom were hired or promoted within the last three years, will officially be reinstated on Monday. However, rather than immediately returning to their jobs, they will be placed on paid administrative leave while the agency determines the next steps. According to an internal email obtained by CBS News, CISA informed the reinstated workers that their employment status had been restored at their previous pay rates.
“Upon reinstatement, your pay and benefits will restart, and all requirements of federal employment will be applicable, including your ethical obligations,” the email read. Employees were given the option to decline reinstatement by submitting a written resignation.
Judge Bredar’s ruling extended beyond CISA, affecting 18 federal agencies, including the Department of Homeland Security (which oversees CISA). Other agencies impacted include the Departments of Agriculture, Commerce, Education, Energy, Health and Human Services, Housing and Urban Development, Interior, Labor, Transportation, Treasury, and Veterans Affairs, as well as the Consumer Financial Protection Bureau, Environmental Protection Agency, Federal Deposit Insurance Corporation, General Services Administration, Small Business Administration, and the U.S. Agency for International Development.
CISA, which plays a critical role in protecting U.S. infrastructure from cyber threats, issued a public statement Monday morning, noting that it was “making every effort to individually contact all impacted individuals.” The agency also advised former employees who believe they fall under the court order to reach out directly.
The terminations, dubbed the “Valentine’s Day Massacre” by employees, blindsided much of the agency’s cyber defense workforce. The layoffs affected key personnel, including threat hunters, incident response team members, disabled veterans, and individuals enrolled in the federal government’s deferred resignation program. Additionally, some of the agency’s most promising recruits, hired under the Cyber Talent Management System, were among those dismissed. Many of those terminated had top-secret security clearances and were actively engaged in defending critical U.S. infrastructure from cyber threats at the time of their dismissal.
How the employees were terminated only added to the controversy. Those affected received a generic form-letter email informing them that they were “not fit for continued employment because your ability, knowledge, and skills do not fit the Agency’s current needs.” The decision sparked outrage within the cyber defense community, with critics arguing that the firings significantly weakened national security efforts at a time when cyber threats are on the rise.
It remains unclear whether reinstated employees will receive back pay for the period during which they were terminated. The situation is further complicated by the fact that many had already been required to return government-issued laptops and security credentials. Several former employees told CBS News that they had been instructed not to physically return to the office, raising concerns about whether they would be fully reintegrated into their previous roles.
Judge Bredar’s order has provided temporary relief for the affected workers, but uncertainty remains. The restraining order is set to expire on March 27 at 8 p.m., unless the court extends it. If the order is not renewed, the administration could attempt to remove the employees once again, setting the stage for further legal battles.
As the case unfolds, cybersecurity experts warn that the instability surrounding CISA’s workforce could have long-term consequences. The agency is responsible for safeguarding the nation’s infrastructure against cyberattacks, ransomware threats, and foreign espionage. With national security on the line, many are calling for greater transparency from the administration regarding its long-term plans for CISA and its personnel.
For now, the reinstated employees remain in limbo, unsure of what the future holds. The coming weeks will determine whether the court’s intervention marks a turning point in federal employment rights—or if the “Valentine’s Day Massacre” will have lasting repercussions for the nation’s cybersecurity efforts.
GIPHY App Key not set. Please check settings