Severe CISA Data Leak Exposes Sensitive AWS GovCloud Credentials

A contractor for the U.S. Cybersecurity and Infrastructure Security Agency (CISA) inadvertently exposed highly privileged AWS GovCloud credentials and internal system details in a public GitHub repository until this past weekend. The leaked repository contained files outlining CISA’s software build, testing, and deployment processes, as well as access to multiple internal systems. Security experts described the incident as one of the most severe government data leaks in recent history due to the sensitivity of the exposed credentials. No specific dates, CVE IDs, or exact technical configurations were disclosed in the report. The leak involved AWS GovCloud accounts, which are reserved for U.S. government workloads requiring enhanced security controls.