CISA Admin Leaked AWS GovCloud Keys on GitHub
2 days ago
- #CISA data breach
- #government contractor oversight
- #GitHub security leak
- A CISA contractor maintained a public GitHub repository exposing credentials to AWS GovCloud accounts and internal systems, described as a severe government data leak.
- GitGuardian researcher Guillaume Valadon discovered the repository, which contained plaintext passwords, SSH keys, and other sensitive assets, indicating poor security hygiene.
- The repository included administrative AWS keys and plaintext credentials for dozens of CISA systems, potentially allowing backdoor access to software development pipelines.
- Security expert Philippe Caturegli tested the keys and found them still valid for 48 hours after notification, highlighting risks of persistent access for attackers.
- CISA acknowledged the exposure but stated no sensitive data was compromised, while contractors and commentators criticized oversight and security practices.
- The incident is linked to contractor mismanagement, with debates over responsibility involving agency staffing cuts, contractor oversight, and broader government incompetence.