Madhu Gottumukkala, acting head of the US Cybersecurity and Infrastructure Security Agency (CISA), is under review after uploading sensitive government files to the public version of ChatGPT. While the documents were not classified, they were marked “for official use only,” meaning they contained sensitive information not meant for public access.
Gottumukkala, an Indian‑origin cybersecurity expert appointed as interim CISA director in May 2025, received special permission to use ChatGPT for work purposes. At the time, the AI tool was blocked for most Department of Homeland Security (DHS) employees due to security concerns.
The files he uploaded were related to government contracts. Because public ChatGPT inputs can be used to train its AI and improve responses, the uploads triggered automated cybersecurity alerts within CISA. These alerts prompted an internal review to assess whether the data sharing posed any security risks. The results of this review have not been made public.
CISA’s Public Affairs Director, Marci McCarthy, stated that Gottumukkala’s ChatGPT access was controlled, temporary, and intended to help explore AI for government use. She emphasized that the agency is following guidelines set under President Donald Trump’s executive order to encourage AI innovation in federal work.
Internal emails indicate that Gottumukkala last used ChatGPT in mid‑July 2025 under this temporary exception. The tool remains blocked for most DHS staff unless special permission is granted.
Gottumukkala, who holds advanced degrees in information systems and computer science, continues to lead CISA as the agency assesses the incident and its potential impact on cybersecurity policies.
Also Read: Economic Survey 2026 sees 7.4% GDP growth
