I wish I could say I am shocked, but the level of ineptitude in govt. at all levels is astounding. Just like in Trump’s last stint as President. Rudy Guliani (sp?) was put over cyber security and they deployed a public facing SQL server with ZERO protections. It got owned in a few minutes after deployment. And that’s just one of what we know about…
daxter_101 on
Ahh yes, giving my tax money to fund a bunch of retards that don’t know how GitHub works.
A McDonald’s worker probably knows GitHub better
scamdrill on
Six months of GovCloud admin credentials sitting in a public repo named Private-CISA, in a file called importantAWStokens, and the official statement is “no indication sensitive data was compromised.” I mean, technically true — nobody needed to compromise it. It was just sitting there. Like a buffet.
thegooncity on
The worst leak they’ve witnessed so far.
wwwheatgrass on
More evidence of the silent rebellion happening in the US Government right now.
RuthlessMango on
I wonder if it was some idiot using an llm… this happens all the time now.
Boys4Ever on
Only the best I guess and perhaps why best have multiple layers of security
RhoOfFeh on
Incompetence top to bottom. That’s what the American people voted for. That and pedophile protection.
Callabrantus on
Babytown frolics.
momofuku18 on
Sounds like something Trump administration would do. Wait, it is!!!
Imoutofchips on
They chased away every competent person they had. Just crooks and idiots left.
PositiveMix9649 on
The Trump Administration couldn’t find its own ass w/ both hands and a diagram.
LeeKingbut on
Looks like an opening is coming up in this organization.
HashRunner on
This is republican ‘leadership’ on full display.
Wyciorek on
U.S. Cybersecurity Agency … I would let that sink in, but it is already on my sofa laughing its arse off
AppealSignificant764 on
This article is shit. Krebs reported that it was a Nightwing contractor.
Ori_553 on
I’m a Software Engineer, it never fails to amaze me how the “big guys” can make these mistakes and how often they do. This was the case even before AI assistants. I’m a nobody, working in low-stakes projects, I check the diff before every commit, no one had to tell me that, it’s obvious.
compuwiza1 on
This is how the incompetent cronies Krasnov appoints run agencies. You can bet Russia and China now have all that information.
Low_Technician7346 on
Tulsi Gabbard had to let her boss Putin know about those credentials
itwhiz100 on
Wasn’t done by error – insider
Old-Bat-7384 on
Contractor or not, where was the governance on this? Who did the due diligence?
Fine_League311 on
Yeah, whoever appoints Elon Musk as an adviser … That’s just the result of the Trump administration… I’m laughing my head off
Local_Fly_7359 on
Clownery. GOP Congress has enabled all of this evil and stupidity with their cravenness.
Bhodiliscious on
Check out the Heritage Foundation’s website, which has a fundraising page for and I kid you not, “The Second American Revolution”.
runsongas on
don’t worry, j edgar boozer is on the case
political_homeless on
I hate when articles refer to this kind of situation as a “vulnerability” as if there is some exploit required to access this information. All they are doing is working to avoid accountability. If I post my phone number on public social media it is not a vulnerability when scammers start calling.
Macdaddy357 on
I’ll bet they used “password” as their password.
rock0head132 on
when you lay off the people that keep the things safe you get the things stolen.
I do bug bounty audits. I’ve done DOD and other gov sites; scary just how many holes you find if you just look.
Oh well, it keeps freelancers like me in business.
Blze001 on
I’m gonna cry laugh if they find out this was done by an AI set up so they could cut payroll.
32 Comments
They’re all stoned off their asses.
Same CISA that was absolutely gutted and the people with much of the expertise and skills were fired/let go? Shocking! [https://www.cybersecuritydive.com/news/cisa-layoffs-reassignments-dhs-white-house-government-shutdown/802723/](https://www.cybersecuritydive.com/news/cisa-layoffs-reassignments-dhs-white-house-government-shutdown/802723/)
My cynicism says ‘ain’t nothing gonna happen’ but it would be awesome to start seeing some consequences for blatant illegality and incompetence.