Congressional scrutiny is beginning to intensify following revelations that a contractor supporting the Cybersecurity and Infrastructure Security Agency allegedly exposed highly sensitive AWS GovCloud credentials and internal system access details through a public GitHub repository, according to a report by KrebsOnSecurity.
The report details how the now-removed “Private-CISA” repository reportedly contained plaintext passwords, cloud keys, internal deployment files, and access credentials tied to critical CISA development and operational environments. Researchers cited in the report described the exposure as one of the most serious government-related credential leaks they had encountered.
Now, attention is rapidly shifting to Capitol Hill, where lawmakers are reportedly seeking answers about oversight, contractor management, internal security practices, and how such a lapse may have remained exposed for months. The incident is expected to draw increased scrutiny in the coming weeks, particularly as questions emerge about operational safeguards, workforce reductions, and broader cybersecurity readiness across federal agencies.
The report also notes that exposed credentials allegedly remained active for nearly 48 hours after CISA was notified, further fueling concerns likely to be raised during any upcoming hearings or investigations.
Read the full report by KrebsOnSecurity.
