US cybersecurity chief leaked sensitive government files to ChatGPT: Report

The acting director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Madhu Gottumukkala, reportedly uploaded sensitive government files to a public version of ChatGPT, prompting federal scrutiny and internal security alerts. According to a Politico investigation, these documents, marked “For Official Use Only,” were submitted last summer after Gottumukkala sought special permission to use ChatGPT, which is typically restricted for Department of Homeland Security personnel. This breach raised alarms as public versions of ChatGPT share user inputs with OpenAI, sparking concerns about possible exposure of sensitive information.

The incident is significant for the AI/ML community as it highlights the security vulnerabilities associated with AI tools in government settings, especially as federal agencies increasingly adopt AI technologies. CISA has stated that Gottumukkala's use of ChatGPT was both authorized and temporary, yet this event underscores the need for stringent controls and understanding of data handling risks when employing AI systems. With the backdrop of ongoing efforts to enhance AI integration in federal operations, this episode serves as a cautionary tale about the balance between innovation and security in the rapidly evolving AI landscape.