
Congress Demands Answers from CISA After Massive Data Breach

Bottom line: A CISA contractor publicly leaked AWS keys and agency secrets. Congress now demands answers from the agency, which remained unresponsive for months. The security gap coincides with massive staffing cuts at CISA.

Members of both chambers of the U.S. Congress are demanding statements from the Cybersecurity & Infrastructure Security Agency (CISA) after a contractor for the agency intentionally published AWS GovCloud keys and numerous other agency secrets on a public GitHub account. CISA continues to be plagued by the security breach.

A CISA contractor with administrator rights on the agency’s code development platform created a public GitHub profile called “Private-CISA” in May that contained plaintext credentials for dozens of internal systems. Analysis by security experts revealed that the contractor had deliberately disabled GitHub’s built-in protections against publishing sensitive data. While CISA stated there was “no evidence that sensitive data has been compromised,” senators and congressional representatives accused the agency of serious security failures. The archive is said to have been originally created in November 2025 and points to an individual who used it as a personal work surface. In a letter, Senator Maggie Hassan (D-NH) criticized CISA’s lack of internal policies and pointed to the weakened agency culture caused by a massive wave of resignations and retirements. CISA continues working to invalidate and replace the exposed credentials, one week after being notified by the security company GitGuardian.
