Four Department of Homeland Security (DHS) officials told Politico that last summer, the acting director of the Cybersecurity and Infrastructure Security Agency (CISA) uploaded private contracting documents labeled "for official use only" into the public version of ChatGPT, setting off several automated security alerts intended to stop data exfiltration from federal networks This article explores security dhs officials. . Shortly after taking over as CISA's interim director in May 2025, Madhu Gottumukkala obtained special authorization to use the AI tool from the organization's chief information officer.

Other DHS employees were still unable to access ChatGPT at the time. The uploads took place in early August 2025, and in the first week alone, cybersecurity sensors flagged them with numerous warnings. Sensitive contracting information not intended for public release was contained in all of the files, none of which were classified.

Senior DHS officials initiated an internal review to assess possible harm to national security after CISA's defenses discovered the activity. Gottumukkala spoke with DHS officials, including Chief Information Officer Antoine McCord and then-acting general counsel Joseph Mazzara, about the uploads. In August, he also met with chief counsel Spencer Fisher and CISA's CIO Robert Costello to discuss how "for official use only" (FOUO) content should be handled.

According to DHS policy, such exposures must be investigated, causes must be evaluated, and remedies ranging from retraining to security clearance revocation must be taken into consideration. Gottumukkala received harsh criticism from an anonymous official who said, "He forced CISA's hand into making them give him ChatGPT, and then he abused it." The review's conclusion is still unknown. OpenAI, which has more than 700 million active users, receives user input from Public ChatGPT.

This puts sensitive data training models at risk of being accessed by adversaries, such as state-backed hackers from China and Russia—exactly the threats that CISA combats. Gottumukkala used ChatGPT "with DHS controls in place" under a "short-term and limited" exception, according to CISA spokesperson Marci McCarthy; she last used it in mid-July 2025. In accordance with President Trump's executive order, she underlined the agency's commitment to AI.

On the other hand, data is stored on federal networks by authorized DHS tools like the internal DHSChat. Sensitive document handling training is provided to all federal employees. Learn more Cyber-exploitation MacOS security software that has been exploited Exploitation Hacker tools guide Cyberattack prevention software Cyber Security Computer security consulting Gottumukkala’s tenure has drawn scrutiny. Six career staff members were placed on leave after his unsanctioned counterintelligence polygraph failure.

He refuted the "failed test" premise in his testimony. According to Politico, LinkedIn, and X for daily cybersecurity updates, he tried to remove Costello last week but was thwarted by appointees. To have your stories featured, get in touch with us.