{"id":249913,"date":"2026-05-19T19:29:00","date_gmt":"2026-05-19T23:29:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/19\/cisa-credential-leak-raises-alarms-and-capitol-hill-demands-answers\/"},"modified":"2026-05-19T19:55:12","modified_gmt":"2026-05-19T23:55:12","slug":"cisa-credential-leak-raises-alarms-and-capitol-hill-demands-answers","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/19\/cisa-credential-leak-raises-alarms-and-capitol-hill-demands-answers\/","title":{"rendered":"CISA credential leak raises alarms, and Capitol Hill demands answers"},"content":{"rendered":"<p><a href=\"https:\/\/cyberscoop.com\/cisa-credential-leak-congress-demands-answers\/\">CISA credential leak raises alarms, and Capitol Hill demands answers<\/a><\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/cisa-credential-leak-congress-demands-answers\/\">https:\/\/cyberscoop.com\/cisa-credential-leak-congress-demands-answers\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-19 19:29:00<\/a><\/p>\n<p>Source Domain: <a href=\"cyberscoop.com\">cyberscoop.com<\/a><\/p>\n<p>Congressional Democrats want answers from the Cybersecurity and Infrastructure Security Agency about the reported public exposure of sensitive agency credential data on GitHub in an incident that the security researcher who discovered it called one of the worst leaks he\u2019s ever seen.<\/p>\n<p>Other security professionals also voiced concern Tuesday about the leak and the potential for abuse by any malicious parties who got a hold of the information.<\/p>\n<p>Security firm GitGuardian said it discovered a public GitHub repository last week that exposed credentials for privileged AWS GovCloud accounts and internal CISA systems dating back to November. The repository, apparently maintained by a contractor, was named \u201cPrivate-CISA.\u201d\u00a0<\/p>\n<p>Krebs on Security first reported the incident.<\/p>\n<p>\u201cMy main fear \u2026 is that a state actor will get the data and might be able to do bad stuff,\u201d GitGuardian security researcher Guillaume Valadon told CyberScoop that he thought to himself upon discovering the leak, after concluding it was real; he initially thought it looked fake.<\/p>\n<p>State-based attackers who obtained the credentials \u201cmight be able to gain persistence,\u201d Valadon said, \u201cso for me it\u2019s even worse than an attacker destroying everything, having someone in a governmental system \u2014 it\u2019s really, really bad.\u201d<\/p>\n<p>Mississippi Rep. Bennie Thompson, the top Democrat on the Homeland Security Committee, and Delia Ramirez, the top Democrat on the panel\u2019s cyber subcommittee, demanded a briefing Tuesday in a letter<strong> <\/strong>to CISA\u2019s acting director, Nick Andersen.\u00a0<\/p>\n<p>They said they wanted to learn \u201chow this serious security lapse occurred, any potential security consequences, remediation activities, corrective actions related to the contractor personnel involved, and efforts to monitor for and prevent similar activity from occurring in the future.\u201d<\/p>\n<p>Sen. Maggie Hassan, D-N.H., also sent a letter Tuesday to Andersen, seeking a classified briefing to answer&#8230;<\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/cisa-credential-leak-congress-demands-answers\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA credential leak raises alarms, and Capitol Hill demands answers https:\/\/cyberscoop.com\/cisa-credential-leak-congress-demands-answers\/ Publish Date: 2026-05-19 19:29:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":249914,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2026\/05\/GettyImages-2254820015.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24],"class_list":["post-249913","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/249913"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=249913"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/249913\/revisions"}],"predecessor-version":[{"id":249915,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/249913\/revisions\/249915"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/249914"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=249913"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=249913"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=249913"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}