NRI PULSE STAFF REPORT
Washington, D.C., January 29, 2026: Madhu Gottumukkala, the Indian-origin acting head of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), is facing internal scrutiny following reports that he uploaded sensitive government contracting documents to a public version of ChatGPT shortly after taking office last summer.
According to multiple media reports citing internal sources, Gottumukkala shared documents marked “For Official Use Only” (FOUO) on the publicly available artificial intelligence platform while carrying out work-related tasks. While the materials were not classified, FOUO documents are intended to remain within secure government systems and are not meant to be shared on public platforms.
Automated cybersecurity monitoring systems reportedly flagged the uploads, triggering alerts within the Department of Homeland Security (DHS), which oversees CISA. The incident has since prompted an internal review to assess whether the disclosures posed any security or compliance risks. The outcome of that review has not yet been made public.
CISA is the federal agency responsible for protecting U.S. government networks and critical infrastructure from cyber threats, making the incident particularly sensitive. Federal agencies, including DHS, generally restrict the use of public AI tools such as ChatGPT for handling internal or sensitive government data, favoring approved and secure internal systems instead.
Reports indicate that at the time of the uploads, most DHS employees did not have access to public versions of ChatGPT. Gottumukkala reportedly received special permission to use the platform under limited controls, a decision that has drawn criticism from some officials who questioned whether those permissions were appropriately exercised.
Dr. Gottumukkala, an India-born American technology executive, was appointed acting director of CISA in May 2025 under President Donald Trump’s administration. Prior to his federal role, he served in senior information technology and cybersecurity positions at the state level, including in South Dakota.
Earlier, Politico reported that Gottumukkala has also been involved in an internal controversy related to a polygraph examination. According to the report, at least six career staffers at CISA were placed on paid administrative leave this summer after organizing a polygraph test connected to Gottumukkala’s request for access to a highly sensitive cyber intelligence program shared with the agency by another U.S. intelligence entity. While multiple current and former officials told Politico that Gottumukkala did not pass the test, the Department of Homeland Security disputed that characterization, stating that the polygraph was “unsanctioned” and that Gottumukkala did not fail an authorized examination. DHS said the staffers are under investigation for allegedly providing misleading information about the need for the test. The episode, Politico reported, has intensified concerns among current and former officials about leadership, accountability, and morale at the agency, which has faced major staffing losses and continues to operate without a Senate-confirmed director.
Cover photo credit: Cybersecurity and Infrastructure Security Agency/Facebook.
