- Today
- Holidays
- Birthdays
- Reminders
- Cities
- Atlanta
- Austin
- Baltimore
- Berwyn
- Beverly Hills
- Birmingham
- Boston
- Brooklyn
- Buffalo
- Charlotte
- Chicago
- Cincinnati
- Cleveland
- Columbus
- Dallas
- Denver
- Detroit
- Fort Worth
- Houston
- Indianapolis
- Knoxville
- Las Vegas
- Los Angeles
- Louisville
- Madison
- Memphis
- Miami
- Milwaukee
- Minneapolis
- Nashville
- New Orleans
- New York
- Omaha
- Orlando
- Philadelphia
- Phoenix
- Pittsburgh
- Portland
- Raleigh
- Richmond
- Rutherford
- Sacramento
- Salt Lake City
- San Antonio
- San Diego
- San Francisco
- San Jose
- Seattle
- Tampa
- Tucson
- Washington
US Cyber Agency Chief Flagged for Uploading Sensitive Files to ChatGPT
Incident involving CISA acting director raises questions about AI adoption in government
Jan. 29, 2026 at 4:47am
Got story updates? Submit your updates here. ›
The acting head of the US government's top cyber defense agency, the Cyber Security and Infrastructure Security Agency (CISA), is under scrutiny after sensitive government documents were uploaded to a public version of ChatGPT, triggering internal security alerts at the Department of Homeland Security.
Why it matters
The episode offers a revealing case study in the risks of AI adoption inside government, especially when senior officials test the boundaries of rules designed to protect sensitive data. It highlights the challenges federal agencies face in harnessing powerful AI tools without undermining established security norms.
The details
According to a Politico report, the incident involved Madhu Gottumukkala, the acting director of CISA. While the files were not classified, some were marked 'for official use only', a label meant to keep information out of public circulation. The uploads were detected by DHS cyber security monitoring systems and traced back to Gottumukkala, who had received special approval to use ChatGPT under limited conditions. However, the uploads still triggered alarms meant to stop government material from leaving secure systems. An internal DHS review was launched to assess any potential risks, but the outcome has not been made public.
- In mid-July 2025, Gottumukkala's authorized use of ChatGPT ended.
The players
Madhu Gottumukkala
The acting director of the Cyber Security and Infrastructure Security Agency (CISA).
Joseph Mazzara
The then-acting DHS general counsel who participated in the review of the incident.
Antoine McCord
The DHS chief information officer who participated in the review of the incident.
Robert Costello
The CISA CIO who participated in the review of the incident.
Spencer Fisher
The CISA chief counsel who participated in the review of the incident.
What they’re saying
“We must not let individuals continue to damage private property in San Francisco.”
— Robert Jenkins, San Francisco resident (San Francisco Chronicle)
What’s next
The outcome of the internal DHS review to assess the potential risks of the incident has not been made public.
The takeaway
This case highlights the delicate balance federal agencies must strike between harnessing the power of AI and upholding strict data handling rules. As government adoption of AI tools continues to grow, incidents like this serve as cautionary tales, underscoring the need for robust security controls and clear accountability measures.
Washington top stories
Washington events
Mar. 17, 2026
Wizards VIP Packages: 3/17/2026
Mar. 17, 2026
Artemas - LOVERCORE Tour
Mar. 17, 2026
Inherit the Wind