A CISA contractor stored administrative AWS GovCloud credentials, plaintext passwords, and access tokens in a public GitHub repository after intentionally disabling GitHub’s native secrets detection.
A CISA contractor published internal login credentials that began circulating in November 2025 on GitHub; more than a week later, critical keys remained unrevoked while Congress demands a security review.