
The U.S. federal cybersecurity organization CISA stated that it lacked a pre-established response strategy for addressing a cybersecurity event in May, after an investigative journalist informed them that a contractor had inadvertently revealed sensitive keys and access credentials for U.S. government systems.
CISA, the Homeland Security division responsible for protecting federal networks and assisting in the defense of critical infrastructure, disclosed on Friday in a post-incident report that its personnel “had to allocate time to develop [a playbook] in the initial phases of the incident.” The agency emphasized the necessity of creating playbooks for “all expected requirements” to guarantee that organizations are prepared to react to a security breach instead of hurriedly crafting one in real-time.
The agency did not specify the extent of the delay in CISA’s response due to the absent playbook, and a spokesperson did not promptly reply to TechCrunch’s inquiry for comments.
Independent cybersecurity reporter Brian Krebs mentioned in May that a security researcher from cyber firm GitGuardian alerted him to a multitude of exposed passwords located in a publicly available GitHub repository that had been uploaded by an employee of a CISA contractor.
As per Krebs, the researcher attempted to inform the contractor but received no response. Only after Krebs reached out to CISA did the agency take down the repository and revoke and replace all the compromised credentials to avert any potential misuse in the future.
CISA asserted that no customer or mission-related data was compromised in the incident and expressed gratitude to the researcher and journalist for their assistance. The agency admitted that its protocols for enabling security researchers to notify CISA of possible incidents “were not clearly defined,” and it has implemented changes to facilitate quicker communication for researchers wanting to contact the agency.
CISA has been without a permanent director since the commencement of President Donald Trump’s second term in January 2025. The agency has also experienced cutbacks, furloughs, and layoffs impacting around one-third of its workforce since Trump assumed office.
If you buy through links in our articles, we may receive a minor commission. This does not influence our editorial autonomy.

