The US federal cybersecurity agency, CISA, said it did not have a prepared response plan for how it should handle a cybersecurity incident in May, after an investigative journalist notified the agency that a contractor had publicly exposed sensitive keys and credentials to access US government systems. CISA, the Homeland Security unit charged with defending