Madhu Gottumukkala, the acting head of the U.S. government’s lead cybersecurity agency, became the focus of an internal review after uploading sensitive government documents to ChatGPT during the Trump administration.
Madhu Gottumukkala has served as acting director of the Cybersecurity and Infrastructure Security Agency since May 2025. He is an Indian-American technology official with oversight of national cyber defense operations.
What Triggered the Review
In mid to late 2025, Gottumukkala uploaded internal U.S. government lines to the public interpretation of ChatGPT. The materials were unclassified but clearly marked “For Official Use Only,” meaning they were restricted to internal systems.
The uploads stood out because most employees at the Department of Homeland Security were prohibited from using public AI tools at the time.
Key Facts
- Gottumukkala had special authorization to use ChatGPT
- Uploaded documents related to cybersecurity operations and contracting
- Automated monitoring systems detected the uploads
- Multiple alerts were generated shortly after submission
Government Response
The alerts prompted an internal cybersecurity and compliance review within DHS and CISA. Officials examined whether Madhu Gottumukkala’s actions created security risks or violated internal policy.
CISA later said the ChatGPT use occurred within controlled limits and that safeguards were in place. While no classified information was involved, the incident intensified scrutiny around AI use by senior government officials and reinforced the need for stricter controls on emerging technologies inside federal agencies.
