Contractor’s public GitHub account exposed GovCloud and CISA credentials
Summary
A publicly accessible GitHub repository, "Private-CISA," exposed credentials for US government AWS accounts and internal CISA systems for several months. Discovered by researcher Guillaume Valadon, the repository contained sensitive data including plain-text passwords, AWS tokens, and internal documentation. The repository was quickly taken offline after being reported.
IFF Assessment
The exposure of sensitive government credentials and internal documentation represents a significant security lapse and bad news for defenders.
Severity
Defender Context
This incident highlights the critical importance of secure credential management and preventing the accidental exposure of sensitive data in public repositories. Defenders should ensure strict access controls, employ secrets scanning tools, and conduct regular audits of code repositories to prevent similar breaches.