CISA Contractor Leaks AWS GovCloud Keys and Agency Secrets on Public GitHub; Lawmakers Demand Answers
By
speckx
9d ago· 6 min readenNews
100/100
Golden Brown
Bagelometer↗
Baker's choice. Dense with flavour, light on filler.
Score100TypenewsSentimentnegative
Summary
A CISA contractor with administrative access intentionally published AWS GovCloud keys and other sensitive agency secrets on a public GitHub account. Lawmakers in both houses of Congress are demanding answers as CISA struggles to contain the breach and invalidate the leaked credentials. The incident was first reported by KrebsOnSecurity, revealing that the contractor created a public GitHub profile called "Priva" and uploaded classified materials.
Key quotes
· 3 pulledLawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other agency secrets on a public GitHub account.
The inquiry comes as CISA is still struggling to contain the breach and invalidate the leaked credentials.
A CISA contractor with administrative access to the agency's code development platform had created a public GitHub profile called 'Priva'
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of ot
