CISA contractor left a public GitHub repository exposed until recently, revealing credentials to highly privileged AWS GovCloud accounts and internal systems. Security experts describe the leak, which included files on CISA's internal software development practices, as one of the most serious government data breaches in recent years.
A CISA administrator accidentally leaked AWS GovCloud access keys on GitHub, exposing sensitive cloud credentials used by the U.S. government. The breach highlights ongoing risks of credential exposure in public repositories, even within federal agencies.
A CISA administrator accidentally leaked AWS GovCloud access keys on GitHub, exposing sensitive internal systems. The keys, discovered by security researchers, provided access to a classified cloud environment used by the U.S. government. CISA has since revoked the credentials and launched an investigation into the incident.