Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Lawmakers from both the House and Senate are pressing the U.S. Cybersecurity and Infrastructure Security Agency (CISA) for answers after a contractor deliberately exposed sensitive agency data on a public GitHub repository. The contractor published AWS GovCloud keys and numerous internal credentials under a profile named “Private-CISA,” which was accessible publicly for several months. CISA is actively working to contain the breach and revoke the compromised credentials, but questions remain about the extent and duration of the exposure.
The incident was first reported by KrebsOnSecurity, revealing that the contractor disabled GitHub’s safeguards designed to prevent sensitive data from being published publicly. Security experts analyzing the repository noted it appeared to be used as a personal workspace rather than an official project, with the leak dating back to November 2025. Despite CISA’s statement asserting no evidence of data compromise, lawmakers remain skeptical. Senator Maggie Hassan highlighted the breach as a serious failure given CISA’s critical role in protecting U.S. infrastructure from cyber threats.
The breach has intensified scrutiny of CISA’s internal controls amid significant organizational turmoil. Over the past years, the agency has experienced a substantial loss of personnel, including senior leadership, following early retirements and resignations triggered by the previous administration. This staffing upheaval has raised concerns about CISA’s capacity to maintain robust security practices and effectively oversee contractors. Representative Bennie Thompson and others emphasized that the incident may reflect deeper issues with CISA’s security culture and contract management, especially as the agency faces persistent threats from foreign adversaries like China, Russia, and Iran.
The congressional inquiries underscore the urgency of strengthening cybersecurity protocols within CISA to prevent future lapses. Lawmakers are demanding detailed explanations and assurances that corrective measures are in place to safeguard sensitive government systems. The breach serves as a stark reminder of the vulnerabilities even within agencies tasked with defending national cybersecurity, highlighting the need for rigorous oversight and enhanced operational resilience.
Original story by Krebs on Security • View original source