This event is archived. Final snapshot from when the story concluded. View on Dashboard
Events / CISA Interim Head Uploads Sensitive...
Regulatory data breach

CISA Interim Head Uploads Sensitive Files to ChatGPT

Analysis based on 36 articles · First reported Jan 29, 2026 · Last updated Jan 29, 2026

Sentiment
-40
Attention
4
Articles
36
Market Impact
Direct
Live prominence charts, article sentiment distribution, and event development timeline available on the NewsDesk Dashboard
Market Impact

The incident involving Madhu Gottumukkala and the United States===Cybersecurity and Infrastructure Security Agency (CISA) could negatively impact the market's perception of government cybersecurity practices and the security of sensitive data. It may also lead to increased scrutiny and potential regulatory changes regarding the use of public AI tools by government employees, affecting companies like OpenAI.

Cybersecurity Government Technology
Event Summary

Madhu Gottumukkala, the interim head of the United States===Cybersecurity and Infrastructure Security Agency (CISA), uploaded sensitive, unclassified government contracting files marked 'for official use only' into a public version of OpenAI's ChatGPT last summer. This action triggered automated security alerts designed to prevent the disclosure of government material. Gottumukkala had sought and received special approval to use ChatGPT, despite it being blocked for most United States===United States Department of Homeland Security (DHS) employees. Following the detection of these uploads in August, senior DHS leaders, including Joseph Mazzara and Antoine McCord, initiated an internal review to assess potential security risks. Gottumukkala also met with CISA CIO Robert Costello and chief counsel Spencer Fisher regarding the incident. The use of public AI tools like ChatGPT raises concerns because information entered can be shared with OpenAI and potentially used for other users, unlike internal government-approved AI platforms. This incident has brought scrutiny to CISA's internal security protocols and Gottumukkala's leadership, especially given previous controversies during his tenure, such as an unsanctioned counterintelligence polygraph and an attempt to remove Costello from his post.

Key Actions
100 Madhu Gottumukkala uploaded sensitive contracting files to public ChatGPT OpenAI
90 United States===Cybersecurity and Infrastructure Security Agency detected unauthorized data uploads
80 United States===United States Department of Homeland Security initiated an internal review to assess whether the disclosures had compromised government security United States===Cybersecurity and Infrastructure Security Agency
80 United States===United States Department of Homeland Security initiated internal review of data disclosure United States===Cybersecurity and Infrastructure Security Agency
70 Madhu Gottumukkala sought special approval from CISA's Office of the Chief Information Officer to use ChatGPT United States===Cybersecurity and Infrastructure Security Agency
70 Madhu Gottumukkala sought special approval to use ChatGPT United States===Cybersecurity and Infrastructure Security Agency
60 Madhu Gottumukkala attempted to remove Robert Costello from his post Robert Costello
60 Madhu Gottumukkala attempted to remove CIO from post Robert Costello
Entities Involved
per
Madhu Gottumukkala
Madhu Gottumukkala, interim head of the United States===Cybersecurity and Infrastructure Security Agency (CISA), uploaded sensitive government contracting files to a public version of OpenAI's ChatGPT, triggering security alerts. This action has led to an internal review and scrutiny over his leadership and judgment, potentially impacting his career and reputation.
Importance 100 Sentiment -70
govactor
United States===Cybersecurity and Infrastructure Security Agency
The United States===Cybersecurity and Infrastructure Security Agency (CISA) is facing scrutiny due to its interim head, Madhu Gottumukkala, uploading sensitive documents to a public AI tool. This incident raises concerns about CISA's internal security protocols and the handling of sensitive government information, potentially undermining public trust in the agency's ability to protect federal systems.
Importance 100 Sentiment -50
govactor
United States===United States Department of Homeland Security
The United States===United States Department of Homeland Security (DHS) is involved in reviewing the data disclosure incident at the United States===Cybersecurity and Infrastructure Security Agency (CISA). Senior DHS leaders, including Joseph Mazzara and Antoine McCord, participated in evaluating potential risks, indicating a broader departmental concern over data security and employee conduct.
Importance 70 Sentiment -30
priv
OpenAI
OpenAI's public version of ChatGPT was used by Madhu Gottumukkala to upload sensitive government files. This incident highlights the risks associated with using public AI tools for sensitive information, as data entered into ChatGPT may be shared with OpenAI and used to generate responses for other users, raising privacy and security concerns.
Importance 60 Sentiment -20
cnt
United States
The United States government's cybersecurity practices are under scrutiny following the incident involving Madhu Gottumukkala. The event underscores the challenges of maintaining data security within federal agencies and the need for strict adherence to protocols regarding sensitive information and AI tool usage.
Importance 50 Sentiment -10
per
Joseph Mazzara
Joseph Mazzara, then-acting DHS general counsel, participated in evaluating potential risks to the United States===United States Department of Homeland Security (DHS) following the data upload incident by Madhu Gottumukkala.
Importance 20 Sentiment 0
per
Antoine McCord
Antoine McCord, DHS chief information officer, participated in evaluating potential risks to the United States===United States Department of Homeland Security (DHS) following the data upload incident by Madhu Gottumukkala.
Importance 20 Sentiment 0
+ 9 more entities View on Dashboard
Relationships
Madhu Gottumukkala related United States===Cybersecurity and Infrastructure Security Agency
United States===Cybersecurity and Infrastructure Security Agency related United States===United States Department of Homeland Security
Joseph Mazzara related United States===United States Department of Homeland Security
Antoine McCord related United States===United States Department of Homeland Security
Robert Costello related United States===Cybersecurity and Infrastructure Security Agency
Spencer Fisher related United States===Cybersecurity and Infrastructure Security Agency
Marci McCarthy related United States===Cybersecurity and Infrastructure Security Agency
Madhu Gottumukkala related United States===United States Department of Homeland Security
NEWSDESK
Track this event live

Set up alerts, explore entity relationships, search across thousands of events, and build custom intelligence feeds.

Open Dashboard

About NewsDesk

NewsDesk is a news intelligence platform that converts raw news articles into structured data. It tracks events, entities, and the relationships between them, with sentiment and attention metrics derived from thousands of articles. Pages on this site are daily static snapshots from the platform's live database. For real-time tracking, search, and alerts, the full dashboard is at app.newsdesk.dev.