Trump admin leaves security expert shocked at 'worst leak' they’ve ever seen

2026/05/19 21:18

A contractor working for the Trump administration left sensitive government passwords open to the public, according to a new report from Krebs on Security, leaving one cybersecurity expert shocked at what they called "the worst leak that I’ve witnessed in my career."

According to the report, the contractor worked for the Cybersecurity & Infrastructure Security Agency, an entity that President Donald Trump has treated poorly since returning to office, despite signing it into law during his first term. Until this weekend, the contractor maintained a public account on GitHub, a popular website used for storing and sharing custom computer code, which included "several highly privileged [Amazon Web Services] GovCloud accounts and a large number of internal CISA systems."

Krebs on Security noted that they were tipped off about the situation by Guillaume Valadon, "a researcher with the security firm GitGuardian."

"Valadon’s company constantly scans public code repositories at GitHub and elsewhere for exposed secrets, automatically alerting the offending accounts of any apparent sensitive data exposures," the report explained. "Valadon said he reached out because the owner in this case wasn’t responding and the information exposed was highly sensitive."

The contractor's repository, which could be accessed by anyone on the site, was titled "Private-CISA" and was found to contain "a vast number of internal CISA/DHS credentials and files, including cloud keys, tokens, plaintext passwords, logs and other sensitive CISA assets." Valadon decried the account as a "textbook example of poor security hygiene," and was so taken aback at first that they did not believe it was real.

“Passwords stored in plain text in a csv, backups in git, explicit commands to disable GitHub secrets detection feature,” Valadon wrote in an email to Krebs on Security. “I honestly believed that it was all fake before analyzing the content deeper. This is indeed the worst leak that I’ve witnessed in my career. It is obviously an individual’s mistake, but I believe that it might reveal internal practices.”

Philippe Caturegli, founder of the security consultancy Seralys, also spoke to the outlet about the leak, arguing that it would be embarrassing for any company, let alone for the U.S. government. He also had a theory about what the account was being used for.

“What I suspect happened is [the CISA contractor] was using this GitHub to synchronize files between a work laptop and a home computer, because he has regularly committed to this repo since November 2025,” Caturegli said. “This would be an embarrassing leak for any company, but it’s even more so in this case because it’s CISA.”
