Trump's acting cyber chief uploads sensitive files to public ChatGPT — report
According to Politico, Madhu Gottumukkala, the acting head of the US Cybersecurity and Infrastructure Security Agency, has triggered an internal investigation after inputting sensitive material into a public AI tool.
The acting head of the United States' cyber defence agency has uploaded sensitive government documents into a public version of ChatGPT, triggering internal cybersecurity warnings and a Department of Homeland Security (DHS) damage assessment, according to Politico.
The incident involved Madhu Gottumukkala, the interim director of the Cybersecurity and Infrastructure Security Agency (CISA), who uploaded contracting documents marked "for official use only" into the AI chatbot last summer.
The designation applies to information considered sensitive and not intended for public release, although the files were not classified, the officials said.
The uploads were flagged by CISA’s cybersecurity monitoring systems in August, triggering multiple automated alerts designed to prevent the unauthorised disclosure of government material.
Senior DHS officials later launched an internal review to assess whether the incident had compromised government security, according to the report.
It remains unclear what conclusions the review reached.
The episode drew particular scrutiny because Gottumukkala had requested special permission to use ChatGPT shortly after arriving at CISA in May.
At the time, access to the tool was blocked for most DHS employees, Politico reported.
Following the incident, Gottumukkala held meetings with senior DHS and CISA officials, including legal and information security chiefs, to review the uploads and discuss the handling of sensitive material.
DHS policy requires investigations into the cause and impact of any exposure of restricted documents and allows for disciplinary measures ranging from retraining to the suspension of security clearances.