May 19, 2026
GitHub and let die
CISA Admin Leaked AWS GovCloud Keys on GitHub
The agency meant to keep us safe is getting roasted for leaving the keys out in public
TLDR: A contractor for the U.S. cybersecurity agency reportedly exposed highly sensitive government login details on a public code site, and experts called it a shockingly bad leak. Commenters turned the story into a roast, blaming sloppy habits, ignored warnings, and a broader culture of dumping secrets into GitHub and AI tools.
This story landed online like a flaming bag of irony: the U.S. agency charged with helping defend government systems allegedly had a public GitHub page stuffed with what experts say were extremely sensitive login details, including access to protected Amazon government cloud accounts and plain-text password files. Security researchers didn’t just call it bad — one said it was the worst leak of his career. And the internet immediately did what it does best: gasp, dunk, and spiral into a bigger argument about whether anyone should still be trusted with secret keys at all.
The strongest reaction by far was pure disbelief at the sloppiness. Commenters were especially stunned by the detail that the account owner reportedly turned off GitHub’s built-in warning system for posting secrets, then didn’t respond when a researcher tried to raise the alarm. That sparked the loudest outrage: not just “how did this happen?” but “how do you ignore the fire alarm too?” Others took the scandal and widened it into a full-blown culture-war-on-security moment, arguing this is “yet another argument for the death of the API key” and saying modern workplaces are basically spraying sensitive information into every tool they touch.
Then came the dark comedy. One commenter joked that people worry about files being uploaded to GitHub, while AI chatbots may be slurping up secret files too if they sit nearby on your machine. Another piled on with a link claiming sensitive docs also ended up in ChatGPT, turning the whole thread into a grim meme about the government’s new cybersecurity strategy: please stop posting everything everywhere.
Key Points
- •A public GitHub repository maintained by a CISA contractor exposed highly privileged AWS GovCloud credentials and numerous internal CISA files until the past weekend.
- •GitGuardian researcher Guillaume Valadon reported the exposure after the repository owner did not respond to alerts and said the repository showed poor security hygiene.
- •The exposed files included administrative credentials for three AWS GovCloud servers and a CSV containing plaintext usernames and passwords for dozens of internal CISA systems.
- •Philippe Caturegli of Seralys said he validated that the leaked AWS credentials could authenticate to three AWS GovCloud accounts with high privilege.
- •CISA said it was aware of the reported exposure, was investigating the matter, and had no indication at that time that sensitive data had been compromised as a result.