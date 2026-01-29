CISA's interim head, Madhu Gottumukkala, reportedly uploaded sensitive 'for official use only' contracting files to public ChatGPT. The action, which took place last summer, triggered security alerts and prompted an internal DHS review.

The interim head of the US Cybersecurity and Infrastructure Security Agency (CISA) uploaded sensitive contracting files into a public version of ChatGPT last summer, triggering automated security alerts designed to prevent the disclosure of government material, Politico reported, citing four Department of Homeland Security (DHS) officials familiar with the matter.

According to Politico, the incident involved acting CISA director Madhu Gottumukkala, who sought special approval from the agency's Office of the Chief Information Officer to use ChatGPT shortly after joining CISA in May, at a time when the tool remained blocked for most DHS employees. Although none of the documents were classified, officials said the material included contracting files marked "for official use only", a designation applied to sensitive government information not intended for public release.

Security Alerts Trigger Internal Review

Cybersecurity monitoring systems later detected the uploads in August, with multiple alerts recorded during the first week alone, Politico reported. Following the detection, senior DHS leadership initiated an internal review to assess whether the disclosures had compromised government security, though the outcome of that review remains unclear.

After the activity was flagged, Gottumukkala met senior DHS leaders to review what had been uploaded. Politico reported that then-acting DHS general counsel Joseph Mazzara and DHS chief information officer Antoine McCord participated in evaluating potential risks to the department. Gottumukkala also held meetings in August with CISA CIO Robert Costello and chief counsel Spencer Fisher regarding the incident and the proper handling of sensitive material.

CISA Responds to Incident

In response to the episode, CISA Director of Public Affairs Marci McCarthy said in a statement emailed to Politico that Gottumukkala "was granted permission to use ChatGPT with DHS controls in place", adding that "this use was short-term and limited". She also said the agency remained committed to "harnessing AI and other cutting-edge technologies to drive government modernisation and deliver on" Trump's executive order aimed at removing barriers to US leadership in artificial intelligence.

McCarthy further stated, "Acting Director Dr Madhu Gottumukkala last used ChatGPT in mid-July 2025 under an authorised temporary exception granted to some employees. CISA's security posture remains to block access to ChatGPT by default unless granted an exception."

Risks, Policy Breaches and Potential Consequences

Politico reported that any information entered into the public version of ChatGPT is shared with OpenAI and may be used to help generate responses for other users. By contrast, AI tools approved for DHS staff, including the agency's internal chatbot DHSChat, are configured to prevent data from leaving federal systems.

One official told Politico, "Gottumukkala forced CISA's hand into making them give him ChatGPT, and then he abused it."

Federal employees receive training on handling sensitive material, and DHS policy requires investigations into the "cause and affect" of any exposure of official-use documents, including whether disciplinary action is warranted. Measures can range from retraining to more serious consequences such as suspension or revocation of security clearance, officials said.

Acting Director's Tenure Marked by Controversy

Gottumukkala, currently the most senior political official at CISA, has led the agency in an acting role since May, following his appointment by DHS Secretary Kristi Noem. Politico noted that Donald Trump's nominee to permanently lead CISA, Sean Plankey, remains stalled after his confirmation was blocked last year.

The report also detailed that Gottumukkala's tenure has been marked by controversy. Earlier this summer, at least six career employees were placed on leave following an "unsanctioned" counterintelligence polygraph that Gottumukkala requested. During Congressional testimony last week, he told Rep. Bennie Thompson that he did not "accept the premise of that characterization."

Separately, Politico reported that Gottumukkala attempted to remove Costello from his post last week, a move that was halted after intervention by other political appointees at the agency.

