Ranking member Rep. Bennie Thompson, D-Miss., speaks during a House Homeland Security Committee hearing on Capitol Hill on March 25, 2026 in Washington, D.C.

Ranking member Rep. Bennie Thompson, D-Miss., speaks during a House Homeland Security Committee hearing on Capitol Hill on March 25, 2026 in Washington, D.C. Andrew Harnik/Getty Images

Featured eBooks
Sponsor Content
Remaking Government: How Trump Plans to Reshape the Federal Workforce
Health Tech
Sponsor Content
Golden Dome Insights & Updates
Insights & Reports
5G Powers Mission-Ready Connectivity: Powering secure, real-time coordination for federal agencies
Presented By T-Mobile
Download Now
It’s not the injury, it’s the illness
Presented By GEBA
Download Now
Tech

Reported exposure of federal cybersecurity agency login data prompts Hill scrutiny

Lawmakers are seeking a briefing from the Cybersecurity and Infrastructure Security Agency after reports that a contractor-linked GitHub repository briefly exposed authentication credentials and cloud access information tied to the agency before it was taken offline.

David DiMolfetta

|
David DiMolfetta
David DiMolfetta
Cybersecurity Reporter, Nextgov/FCW

Top Democratic lawmakers on the House Homeland Security Committee have requested a briefing from Cybersecurity and Infrastructure Security Agency acting Director Nick Andersen following reports of a contractor-linked leak of internal agency credentials.

Independent journalist Brian Krebs reported Monday that researchers identified a publicly accessible GitHub repository connected to government contractor Nightwing that allegedly exposed a broad collection of sensitive access information tied to systems used by CISA and its parent agency, the Department of Homeland Security.

“We demand a briefing as soon as possible on how this serious security lapse occurred, any potential security consequences, remediation activities, corrective actions related to the contractor personnel involved, and efforts to monitor for and prevent similar activity from occurring in the future,” wrote Rep. Bennie Thompson of Mississippi, the committee’s ranking member, and Rep. Delia Ramirez of Illinois, the ranking member of the panel’s cyber subcommittee, in a Tuesday letter shared with Nextgov/FCW.

The materials, stored in a repository labeled “Private CISA,” reportedly included items like authentication credentials, AWS GovCloud information and other sensitive data. The repository was later removed from public view. Nextgov/FCW has not independently verified its contents.

“Security researchers said the content openly available online included information on ‘how CISA builds, tests and deploys software internally,’ and they described it as ‘one of the most egregious government data leaks in recent history.’ We agree,” said the letter, referring to the contents of Krebs' reporting.

A Nightwing spokesperson referred inquiries to CISA.

“We do not comment on congressional correspondence but respond to members directly,” an agency spokesperson said.

A separate letter to Andersen was sent by Sen. Maggie Hassan, D-N.H., Axios reported Tuesday.

CISA has undergone significant workforce cuts in the last year, which Thompson and Ramirez say may have contributed to the incident. They worry that “a substantially reduced workforce, coupled with the administration’s indifference to security, created the conditions that allowed such a significant security lapse to occur. Moreover, we are concerned that the incident undermines CISA’s credibility.”

Editor’s note: This story was updated to include a comment from CISA.

NEXT STORY: USDA is using AI, but doesn’t have the required controls to manage risks, watchdog finds