CISA Admin Leaked AWS GovCloud Keys on Github

A contractor for the Cybersecurity & Infrastructure Security Agency (CISA) publicly exposed highly privileged AWS GovCloud credentials and numerous internal system passwords on a GitHub repository named “Private-CISA,” representing one of the most severe government data leaks in recent history. The exposed files contained plaintext passwords, cloud keys, and sensitive configuration details, posing significant risks for unauthorized access and lateral movement within CISA systems. CISA is investigating the incident, stating no current evidence of data compromise, while security experts condemned the poor security practices involved, which may reflect broader internal issues.

https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top