The appearing director of the Cybersecurity and Infrastructure Safety Company, Madhu Gottumukkala, uploaded delicate contracting paperwork right into a public model of ChatGPT final summer season, triggering a number of automated safety warnings, Politico reported. In accordance with Division of Homeland Safety officers, the cybersecurity sensors at CISA flagged the uploads this previous August. One official specified there have been a number of such warnings within the first week of August alone. Senior officers at DHS subsequently led an inside overview to evaluate if there had been any hurt to govt safety from the exposures, in accordance with two of the 4 officers. It isn’t clear what the overview concluded.Not one of the information Gottumukkala plugged into ChatGPT had been categorized, in accordance with the officers. Nevertheless, the fabric included CISA contracting paperwork marked “for official use solely,” a authorities designation for info that’s thought-about delicate and never for public launch.The incident drew consideration as a result of Gottumukkala requested particular permission from CISA’s Workplace of the Chief Data Officer to make use of the AI software quickly after arriving on the company this Could, three of the officers mentioned. The app was blocked for different DHS staff on the time.In an emailed assertion, CISA’s Director of Public Affairs Marci McCarthy mentioned Gottumukkala “was granted permission to make use of ChatGPT with DHS controls in place,” and that “this use was short-term and restricted.” McCarthy added that the company was dedicated to “harnessing AI and different cutting-edge applied sciences to drive authorities modernization and ship on” Trump’s government order eradicating limitations to America’s management in AI.The e-mail additionally appeared to dispute the timeline of POLITICO’s reporting: “Performing Director Dr Madhu Gottumukkala final used ChatGPT in mid-July 2025 underneath a certified momentary exception granted to some staff. CISA’s safety posture stays to dam entry to ChatGPT by default except granted an exception.”Gottumukkala is presently the senior-most political official at CISA, an company tasked with securing federal networks in opposition to refined, state-backed hackers from adversarial nations, together with Russia and China.Any materials uploaded into the general public model of ChatGPT that Gottumukkala was utilizing is shared with ChatGPT-owner OpenAI, which means it may be used to assist reply prompts from different customers of the app. OpenAI has mentioned the app has greater than 700 million whole lively customers.Different AI instruments now accepted to be used by DHS staff, reminiscent of DHS’s self-built AI-powered chatbot, DHSChat, are configured to stop queries or paperwork enter into them from leaving federal networks.Gottumukkala “pressured CISA’s hand into making them give him ChatGPT, after which he abused it,” mentioned the primary official.All federal officers are skilled on the right dealing with of delicate paperwork. In accordance with DHS coverage, safety officers are additionally supposed to analyze the “trigger and have an effect on” of any publicity of official use paperwork, and decide the “appropriateness” of any administrative or disciplinary motion. Relying on the circumstances, these may vary from necessary retraining or a proper warning to extra severe measures, such because the suspension or revocation of a safety clearance, mentioned one of many 4 officers.After DHS detected the exercise, Gottumukkala spoke with senior officers at DHS to overview what he uploaded into ChatGPT, mentioned two of the 4 officers. DHS’s then-acting common counsel, Joseph Mazzara, was concerned within the effort to evaluate any potential hurt to the division, in accordance with the primary official. Antoine McCord, DHS’s chief info officer, was additionally concerned, in accordance with a second official.Gottumukkala additionally had conferences this August with CISA’s chief info officer, Robert Costello, and its chief counsel, Spencer Fisher, in regards to the incident and the right dealing with of for official use solely materials, the 4 individuals mentioned.Gottumukkala has led the company in an appearing capability since Could, when he was appointed by DHS Secretary Kristi Noem as its deputy director. Donald Trump’s nominee to go CISA, DHS particular adviser Sean Plankey, was blocked final 12 months by Sen. Rick Scott (R-Fla.) over a Coast Guard shipbuilding contract. A date for his new affirmation listening to has not been set.Gottumukkala’s tenure atop the company has not been easy, and the ChatGPT incident was not his first security-related matter.No less than six profession employees had been positioned on go away this summer season after Gottumukkala failed a counterintelligence polygraph examination that he pushed to take, as POLITICO first reported. DHS has known as the polygraph “unsanctioned.” Requested throughout Congressional testimony final week if he was “conscious” of the failed check, Gottumukkala twice instructed Rep. Bennie Thompson (D-Miss.) that he didn’t “settle for the premise of that characterization.”Final week, Gottumukkala tried to oust Costello, CISA’s CIO, earlier than different political appointees on the company intervened to dam the transfer.
