Cyber Chief Madhu Gottumukkala Investigated For Uploading Files On ChatGPT

Photo: X

India-West News Desk

WASHINGTON, DC – The acting head of the nation’s cyber defense agency, Madhu Gottumukkala, uploaded sensitive government contracting material into a publicly accessible version of ChatGPT last summer, prompting internal security alerts and a subsequent review by senior Department of Homeland Security officials, according to a Politico report.

Gottumukkala, who has served as the acting director of the Cybersecurity and Infrastructure Security Agency since May. According to four DHS officials cited by Politico, he entered documents marked “for official use only” into the commercial version of ChatGPT, a platform that shares user inputs with its developer, OpenAI. While the materials were not classified, the designation signals information that is considered sensitive and not intended for public release.

The uploads triggered multiple automated security warnings within CISA’s network in early August, the officials said. One official told Politico that several alerts were generated within the first week alone. Following the detections, DHS leadership initiated an internal review to determine whether the disclosures posed any risk to government systems or data. Officials familiar with the matter said it remains unclear what conclusions, if any, were reached.

The episode drew additional scrutiny because Gottumukkala had sought and received special authorization to use ChatGPT shortly after joining the agency. At the time, access to the tool was restricted for other DHS employees. In a statement to Politico, CISA spokesperson Marci McCarthy said Gottumukkala’s use of ChatGPT was approved with controls in place, limited in scope, and short term.

Gottumukkala is the most senior political official currently leading CISA, an agency responsible for protecting federal networks from foreign cyber threats, including those linked to Russia and China. Unlike DHS-approved tools such as the internally developed DHSChat, the public version of ChatGPT is not configured to keep data within government systems.

According to the officials cited by Politico, Gottumukkala later met with senior DHS leaders to review the materials he had uploaded.

The ChatGPT incident adds to a series of challenges during Gottumukkala’s tenure. Earlier this summer, several career staff members were placed on leave following an unsanctioned counterintelligence polygraph that Gottumukkala requested and failed.

During congressional testimony last week, Gottumukkala said he did not accept the characterization that he failed the test. More recently, he attempted to remove CISA’s chief information officer, an effort that was blocked by other political appointees at the agency.