SECURITYKREBS ON SECURITY
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
A CISA contractor intentionally published AWS GovCloud keys and sensitive agency credentials on a public GitHub account, prompting Congressional lawmakers to demand answers. The breach exposed plaintext credentials to dozens of internal CISA systems and occurred amid significant staff losses at the agency following Trump administration-ordered retirements and resignations.
Mentioned
Related Signal
Adjacent reporting
- CISA Admin Leaked AWS GovCloud Keys on Github
- U.S. Cybersecurity Agency Leaves Its Digital Keys Out in Public on GitHub
- CISA credential leak raises alarms, and Capitol Hill demands answers
- Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials
- CISA Admin Leaked AWS GovCloud Keys on GitHub
- US cyber agency CISA exposed reams of passwords and cloud keys to the open web