The Indian-origin acting head of the US Cybersecurity and Infrastructure Security Agency (CISA), Madhu Gottumukkala, is under investigation after reportedly uploading sensitive government contracting documents to the public version of ChatGPT, according to multiple media reports.
Read More: OpenAI unveils GPT-5 with smarter AI and coding boost
The material, uploaded last summer, was not classified but was marked “For Official Use Only”, a designation for sensitive government information not intended for public release. Gulf News reported that the disclosures triggered internal cybersecurity alerts and prompted a review by the Department of Homeland Security (DHS).
CISA head, Madhu Gottumukkala, used special access to ChatGPT – blocked for other DHS staff – to input sensitive “For Official Use Only” contracting documents
This potentially exposed govt info to OpenAI, as public ChatGPT uploads are shared with the platform’s developers and… pic.twitter.com/5kAU9LYIXX
— Narramuss (@narramuss) January 29, 2026
According to Politico, four DHS officials familiar with the matter said the uploads activated automated security warnings designed to detect unauthorised disclosures from federal networks. The alerts were reportedly triggered multiple times in August 2025, particularly during the first week of the month.
Gottumukkala, who has served as acting CISA director since May 2025, had sought and received a temporary exception from the agency’s Office of the Chief Information Officer to access ChatGPT while exploring artificial intelligence tools. At the time, most DHS staff were blocked from using the public platform due to security concerns.
View this post on Instagram
CISA Director of Public Affairs Marci McCarthy told Politico that Gottumukkala “was granted permission to use ChatGPT with DHS controls in place,” adding that the access was “short-term and limited.” She said the agency continues to block ChatGPT by default unless exceptions are approved, and that Gottumukkala last used the platform in mid-July 2025.
DHS officials launched an internal review to determine whether the disclosures caused any harm, though its findings have not been made public. Gottumukkala discussed the matter with senior officials, including then-acting general counsel Joseph Mazzara and DHS chief information officer Antoine McCord.
Read More: ChatGPT Android app adds extended thinking mode
The episode has intensified scrutiny of Gottumukkala’s leadership. It follows reports that at least six career staff were placed on leave after he failed a counterintelligence polygraph exam that DHS later described as “unsanctioned.” Gottumukkala has publicly rejected claims that he failed the test.
CISA is responsible for defending US government networks and critical infrastructure from advanced cyber threats, including those linked to Russia and China.