CISA试图遏制数据泄露,两院议员要求给出答案
在美国网络安全和基础设施安全局(CISA)的一名承包商故意在公开的GitHub账户上发布AWS GovCloud密钥及其他大量机构机密后,国会两院议员纷纷要求该机构给出解释。目前,CISA仍在努力遏制此次泄露事件并废止已泄露的凭证。
相关报道
Lawmakers are demanding answers from CISA as the agency works to contain a data leak. The incident has raised concerns over the security of sensitive information held by the cybersecurity agency, prompting calls for transparency and accountability from Congress.
GitGuardian discovered a critical GitHub leak exposing CISA's internal infrastructure, including hardcoded credentials and API keys. Within 26 hours of reporting, the leak was fully removed, highlighting both the prevalence of secret exposure in repositories and the effectiveness of rapid coordinated response between security researchers and government agencies.