Trump's Cybersecurity Chief Uploaded Sensitive Materials to Public ChatGPT Platform
The acting director of the Cybersecurity and Infrastructure Security Agency under President Donald Trump uploaded sensitive government materials to a public version of ChatGPT last summer, triggering an internal Department of Homeland Security review, according to a new investigative report.
Madhu Gottumukkala, who served as CISA's acting director during the Trump administration, shared documents marked "for official use only" with the artificial intelligence platform in July 2025. Multiple unnamed DHS officials confirmed the incident to Politico, revealing that the upload set off automated security alerts designed to prevent disclosure of government materials.
Special Access Granted Despite Widespread Restrictions
What makes this incident particularly noteworthy is that Gottumukkala had obtained special permission to use ChatGPT at a time when most DHS employees were prohibited from accessing the platform. "He forced CISA's hand into making them give him ChatGPT," one official told Politico, adding pointedly, "And then he abused it."
The uploaded materials, while not classified, contained sensitive contracting information that was not intended for public release. Their exposure to ChatGPT's public version—built by OpenAI and used by nearly one billion users—created potential security vulnerabilities, as data entered into the platform can be incorporated into prompts and potentially exposed to other users.
Internal Review and Agency Response
In August 2025, top DHS officials conducted an internal review to determine whether any government infrastructure had been compromised by the upload. The outcome of that review remains undisclosed, leaving questions about potential consequences unanswered.
Marci McCarthy, CISA's director of public affairs, appeared to downplay the incident in an emailed statement to Politico. She noted that Gottumukkala "was granted permission to use ChatGPT with DHS controls in place" and described the use as "short-term and limited."
"Acting Director Dr. Madhu Gottumukkala last used ChatGPT in mid-July 2025 under an authorized temporary exception granted to some employees," McCarthy added. "CISA's security posture remains to block access to ChatGPT by default unless granted an exception."
Broader Context and Previous Controversies
This incident occurs against a backdrop of increasing AI adoption across U.S. workplaces. According to a new Gallup poll, twelve percent of American adults now report using artificial intelligence daily in their jobs, highlighting the growing tension between technological advancement and security protocols.
Gottumukkala's tenure at CISA has been marked by several controversies. The cybersecurity chief, who previously served as chief information officer for South Dakota's Bureau of Information and Technology, has led the agency since May 2025 when DHS Secretary Kristi Noem appointed him as deputy director.
Last year, Politico reported that at least half a dozen CISA staffers were placed on leave after Gottumukkala failed a polygraph test he had requested—a claim he has since denied. In a recent congressional appearance, he told a lawmaker he didn't "accept the premise of that characterization."
National Security Implications
The incident raises significant questions about AI governance within government agencies responsible for national security. CISA, charged with bolstering the defenses of government networks against adversarial nations including China and Russia, now faces scrutiny over its internal controls regarding emerging technologies.
McCarthy's statement noted that the agency remains committed to enhancing America's dominance in artificial intelligence, as outlined in a January 2025 executive order from President Trump. However, this incident highlights the challenges of balancing innovation with security protocols when implementing new technologies within sensitive government environments.
Representatives for both CISA and OpenAI did not immediately respond to requests for comment from The Independent regarding the reported security breach and its implications for government use of artificial intelligence platforms.
