A CISA contractor exposed highly sensitive AWS GovCloud credentials and internal system details through a public GitHub repository, representing one of the most severe government data leaks in recent history. The repository contained cloud keys, tokens, plaintext passwords, and internal documentation about CISA's software development processes. Security researchers discovered that the contractor had deliberately disabled GitHub's built-in security features designed to prevent such exposures.
Background
CISA (Cybersecurity & Infrastructure Security Agency) is the US government agency responsible for strengthening cybersecurity and infrastructure protection. AWS GovCloud is a secure cloud computing environment designed for US government agencies to host sensitive data and regulated workloads.
- Source
- Lobsters
- Published
- May 19, 2026 at 06:20 AM
- Score
- 9.0 / 10