Startups & Technology

CISA admits to building incident response on the fly

CISA admits to building incident response on the fly

The security failure emerged after journalist Brian Krebs received a tip from a researcher at GitGuardian regarding a massive cache of passwords uploaded by a CISA contractor. While the researcher initially attempted to contact the vendor directly without success, the repository remained accessible until Krebs flagged the issue to the agency. CISA eventually took the files offline and rotated the compromised credentials, confirming that no mission-critical data was actually exfiltrated during the exposure.

In a post-mortem report released Friday, the agency acknowledged that its notification channels for outside researchers were poorly defined at the time of the incident. This lack of procedural clarity coincided with significant internal instability at the agency, which has operated without a permanent director since January 2025. Facing budget cuts and layoffs that have reduced its workforce by approximately one-third under the current administration, CISA is now attempting to formalize its response protocols to avoid similar improvisations during future security threats.

Share

Comments (0)

Leave a comment

No comments yet. Be the first!