Trump-appointed cybersecurity chief flagged for sharing internal files on ChatGPT

The acting head of the US Cybersecurity and Infrastructure Security Agency uploaded sensitive internal government documents to ChatGPT, prompting internal security alerts and a review by federal officials, according to Politico.

The outlet reported Tuesday that CISA acting director Madhu Gottumukkala, who was appointed by President Donald Trump, uploaded contracting materials marked “for official use only” to the publicly available artificial intelligence platform.

Officials said the activity triggered automated safeguards meant to prevent government files from being improperly shared or removed from federal systems.

Although the documents were not classified, officials expressed concern about the risks associated with placing internal government material into a public tool. Federal agencies have warned that uploading internal records to open AI platforms can result in the information being retained or reused in ways that are difficult to control.

Gottumukkala had previously received approval to use ChatGPT at a time when access to the platform was restricted for other CISA employees, according to the report. After the uploads were flagged, officials at the Department of Homeland Security, which oversees CISA, reviewed whether the incident posed any risk to government security.

A CISA spokesperson told Politico that Gottumukkala’s use of ChatGPT was “short-term and limited,” but declined to provide further details about the materials involved.

Before joining CISA, Gottumukkala served as chief information officer for the state of South Dakota under then-Governor Kristi Noem. After his appointment to the federal agency, he reportedly failed a counterintelligence polygraph examination. Homeland Security later said the test was “unsanctioned.”

Following that episode, Gottumukkala suspended six career employees from access to classified information, a decision that drew internal concern, according to the report.

The incident comes as federal agencies continue to struggle with how to regulate the use of artificial intelligence tools by officials who handle sensitive government information.