Reported exposure of federal cybersecurity agency login data prompts Hill scrutiny
Reported exposure of federal cybersecurity agency login data prompts Hill scrutiny
Publish Date: 2026-05-20 15:25:00
Source Domain: www.govexec.com
Top Democratic lawmakers on the House Homeland Security Committee have requested a briefing from Cybersecurity and Infrastructure Security Agency acting Director Nick Andersen following reports of a contractor-linked leak of internal agency credentials.
Independent journalist Brian Krebs reported Monday that researchers identified a publicly accessible GitHub repository connected to government contractor Nightwing that allegedly exposed a broad collection of sensitive access information tied to systems used by CISA and its parent agency, the Department of Homeland Security.
“We demand a briefing as soon as possible on how this serious security lapse occurred, any potential security consequences, remediation activities, corrective actions related to the contractor personnel involved, and efforts to monitor for and prevent similar activity from occurring in the future,” wrote Rep. Bennie Thompson of Mississippi, the committee’s ranking member, and Rep. Delia Ramirez of Illinois, the ranking member of the panel’s cyber subcommittee, in a Tuesday letter shared with Nextgov/FCW.
The materials, stored in a repository labeled “Private CISA,” reportedly included items like authentication credentials, AWS GovCloud information and other sensitive data. The repository was later removed from public view. Nextgov/FCW has not independently verified its contents.
“Security researchers said the content openly available online included information on ‘how CISA builds, tests and deploys software internally,’ and they described it as ‘one of the most egregious government data leaks in recent history.’ We agree,” said the letter, referring to the contents of Krebs’ reporting.
A Nightwing spokesperson referred inquiries to CISA.
“We do not comment on congressional correspondence but respond to members directly,” an agency spokesperson said.
A separate letter to Andersen was sent by Sen. Maggie Hassan, D-N.H., Axios reported Tuesday.
CISA has undergone…
