Originally published on May 19, 2026, by Abinaya for Cyber Security News.

A major security lapse has exposed highly sensitive U.S. government cloud credentials after a contractor working with the Cybersecurity and Infrastructure Security Agency (CISA) accidentally published them in a public GitHub repository.

The repository, named “Private-CISA,” remained publicly accessible until mid-May 2026 and contained a wide range of sensitive data, including AWS GovCloud credentials, plaintext passwords, API tokens, and internal system details.

Security researchers warn that this incident could rank among the most serious government-related data exposures in recent years.

Guillaume Valadon, a researcher at GitGuardian, first identified the issue. This firm continuously scans public repositories for exposed secrets.