Crazy story: Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history. News article.

The federal cybersecurity agency left plaintext passwords in a spreadsheet uploaded to a public GitHub repository, per a report by independent journalist Brian Krebs.

CISA left plaintext passwords and AWS GovCloud admin keys in a public GitHub repo for six months. GitGuardian discovered the 844 MB exposure on May 14, 2026.

I wonder what's in 'external-secret-repo-creds.yaml' and 'AWS-Workspace-Firefox-Passwords.csv'?

I wonder what's in 'external-secret-repo-creds.yaml' and 'AWS-Workspace-Firefox-Passwords.csv'?

SSH keys, plaintext passwords, other sensitive data had been up since November 2025.

The agency's GitHub repository, publicly available since November 2025, was ironically named "Private-CISA."

On May 14, 2026, GitGuardian found what looked like leaked CISA secrets in a public GitHub repository...

Independent journalist Brian Krebs reported Monday that researchers found a publicly accessible GitHub repository connected to a government contractor that exposed CISA data.

Crazy story: Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to…