US cybersecurity chief uploads confidential documents to ChatGPT

Madhu Gottumukkala and ChatGPT. (Image source: CISA.gov, public domain, edited by Notebookcheck)

Madhu Gottumukkala, Acting Director of the Cybersecurity and Infrastructure Security Agency, triggered internal security alerts by uploading sensitive documents to ChatGPT. The incident raises questions about data security at CISA.

Marc Herter (translated by Jacob Fisher), Published 01/30/2026 🇩🇪

AI Security Fail Hack / Data Breach

The Acting Director of the Cybersecurity and Infrastructure Security Agency (CISA), the top US cybersecurity agency, was responsible for a security incident last year. Madhu Gottumukkala uploaded sensitive government documents to a public version of ChatGPT. According to information obtained by Politico from four DHS officials, this action triggered several automated security alerts. These sensors are designed to prevent the theft or unintentional disclosure of government material from federal networks. The systems reportedly raised alarms multiple times during the first week of August alone.

Gottumukkala used a special exemption to access the AI chatbot, which he had requested from CISA's Chief Information Officer shortly after taking office in May. At that time, the app was restricted to regular Department of Homeland Security employees. While the uploaded files were not classified documents, they were contract documents marked "For Official Use Only". This designation indicates sensitive information not intended for public release.

The incident is particularly controversial due to the technical nature of the tool used. Inputs into the public version of ChatGPT are transmitted to developer OpenAI and can theoretically be used to further train the model or respond to queries from other users. In contrast, officially approved AI tools used by the Department of Security, such as the internal "DHSChat", are configured so that no data or search queries leave the protected federal networks. OpenAI states that the service now has over 700 million active users, highlighting the risk of potential exposure.

Meanwhile, CISA is trying to smooth things over. Spokeswoman Marci McCarthy said the use was approved, short-term, limited, and took place under security precautions. She also contradicted the timeline and said the director last used the tool in mid-July. This contradicts statements by officials that security sensors still registered uploads in early August. An internal investigation is now attempting to determine whether the incident caused any actual damage. The incident is one of a series of controversies surrounding Gottumukkala, who, according to reports, had previously failed a polygraph test for counterintelligence.

Source(s)

IOL, Politico

⟨

Xiaomi: Compact soundbar with wireless subwoofer and RGB lighting gets global launch

Please share our article, every link counts!

Add as a preferred
source on Google

No comments for this article

Got questions or something to add to our article? Even without registering you can post in the comments!

No comments for this article / reply

Loading Comments

Comment on this article

Editor of the original article: Marc Herter - Managing Editor Consumer Laptops - 564 articles published on Notebookcheck since 2021

From an early age I liked to thoroughly examine all kinds of devices to see how they worked, which also involved taking my own devices apart and therefore not always to the delight of my parents. Nevertheless, with my grandfather’s support, I became a computer and electronics tinkerer. With the family PC and Lego Mindstorms, my interested in software and programming took off, and I am currently an engineering program student. I enjoy building all sorts of gadgets with Arduino and 3D printers, and I still like to put electronic devices through their paces. By joining the Notebookcheck editorial team, I have been able to turn my hobby into a profession.

contact me via: Facebook, marc_i_may

Translator: Jacob Fisher - Translator - 2765 articles published on Notebookcheck since 2022

Growing up in regional Australia, I first became acquainted with computers in my early teens after a broken leg from a football (soccer) match temporarily condemned me to a predominately indoor lifestyle. Soon afterwards I was building my own systems. Now I live in Germany, having moved here in 2014, where I study philosophy and anthropology. I am particularly fascinated by how computer technology has fundamentally and dramatically reshaped human culture, and how it continues to do so.

> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2026 01 > US cybersecurity chief uploads confidential documents to ChatGPT

Marc Herter, 2026-01-30 (Update: 2026-01-30)

Source(s)

No comments for this article

Related Articles