Congress Demands Answers as CISA Struggles to Contain Contractor-Linked Data Leak
TL;DR Summary
Lawmakers from both parties pressed CISA for answers after KrebsOnSecurity reported a contractor publicly posted plaintext credentials and AWS GovCloud keys to a GitHub account, triggering ongoing credential rotation and breach containment. Experts warn that exposed keys could enable access to code, CI/CD pipelines, and sensitive systems. CISA says it is rotating leaked credentials and coordinating with vendors, while lawmakers demand answers about internal policies amid leadership turnover and broader concerns about the agency’s security culture.
- Lawmakers Demand Answers as CISA Tries to Contain Data Leak (Krebs on Security)
- Senator requests "urgent" classified briefing on CISA's internal credential leaks (Axios)
- How We Got a CISA GitHub Leak Taken Down in Under a Day (GitGuardian Blog)
- CISA credential leak raises alarms, and Capitol Hill demands answers (CyberScoop)
- CISA Passwords Used to Access DHS Systems Exposed (The National Law Review)