Last week’s ledger was about the gap between losing your data and telling you. This week’s theme is sharper: the entities whose entire job is protection failing at precisely the thing they protect. The federal cyber-defense agency leaked its own keys. A code-protection tool delivered malware. A county government paid criminals quietly and let its residents find out from threat-intelligence researchers.

CISA’s postmortem: nine unread emails, six months of exposure

The Cybersecurity and Infrastructure Security Agency — the body that issues America’s advisories on credential hygiene — released a postmortem this week on its own credential leak, and the details are worse than the May headlines.

The recap: a system administrator working for Nightwing, a Virginia-based government contractor, maintained a public GitHub repository bluntly titled “Private CISA.” Created in November 2025, it sat exposed for six months and accumulated 844 MB of sensitive material, including a file named “importantAWStokens” holding administrative credentials to three AWS GovCloud servers and a spreadsheet of plaintext usernames and passwords for dozens of internal CISA systems. The admin had manually disabled GitHub’s default push protection — the feature that exists specifically to block committing secrets.

The postmortem’s most damning findings are about process, not the contractor. Security firm GitGuardian sent nine automated alerts about the exposed secrets. All nine went unanswered — the leak was only actioned after GitGuardian enlisted journalist Brian Krebs to find a human at the agency in May 2026. Even then, CISA took more than 48 hours to revoke the AWS keys. The agency says no data was compromised and the credentials weren’t misused; the honest translation is that the scanning worked, the response pipeline didn’t exist. As GitGuardian’s Guillaume Valadon put it: “Letting nine notification emails go unanswered is how a one-day incident becomes a six-month exposure.”

CISA now commits to continuous secret scanning, real key-management procedures, and published reporting channels. Good. But hold the mirror up: if the nation’s cyber-defense agency can’t process a breach report, consider what happens to the one you send your bank.

The privacy stakes: GovCloud is where government systems hosting citizen data live. Six months of admin keys in public is six months in which anyone diligent could have been inside infrastructure adjacent to exactly the data CISA exists to defend.

jscrambler: the code protector that stole credentials

On July 11, attackers published a poisoned release — version 8.14.0 — of jscrambler, the npm package developers use to integrate Jscrambler’s JavaScript protection tooling into their build pipelines. About 15,800 weekly downloads, sitting inside CI systems everywhere.

The malicious release added a hidden preinstall hook that executed automatically on npm install, before any application code runs, dropping platform-specific binaries for Linux, macOS, and Windows. JFrog identified the payload as IronWorm, a Rust infostealer in the Shai-Hulud lineage — and the worm part is literal. The malware hunts for npm tokens in environment variables and .npmrc files, validates them against the registry, then uses the victim’s own publishing rights to inject itself into that developer’s high-download packages and publish the infected versions — self-propagation through the software supply chain, plus theft of cloud credentials, browser sessions, and crypto wallets along the way.

Security firm Socket flagged the release six minutes after publication, but the attacker kept fighting — pushing four more malicious versions (8.16.0 through 8.20.0) over roughly three hours, interleaved with the maintainers’ cleanup attempts. Version 8.22.0 is clean; anything a machine installed in between means full credential rotation and an audit.

Why it’s in a privacy blog: you don’t use jscrambler, but the apps holding your data are built by developers who install packages like it thousands of times a day. Every stolen npm token is a chance to poison something further downstream — and the irony of the delivery vehicle being a security product is this week’s theme in miniature.

Union County, Ohio: $1 million to keep the leak quiet

Threat researchers this week attributed a curious transaction to Union County, Ohio (population ~70,000): a payment of 9.44 Bitcoin — roughly $1 million — to an extortion crew called Kairos, made back in June 2025 and never disclosed as a payment.

The underlying incident was reported at the time as “ransomware.” It wasn’t, quite. Researchers found no encryptor, no locked machines, no decryption keys — Kairos never locked a single file. It simply stole around 2 TB of data — some 1.6 million files — and charged the county not to publish. The county notified 45,487 residents and staff that their data was taken: Social Security numbers, financial details, and — because this was a county government — fingerprints and passport data. Kairos opened at $3 million; the parties settled at $1 million the same day.

Two things deserve to sting here. First, the data still exists. A payment buys a criminal’s promise of deletion, backed by nothing. Every affected resident should behave as if their SSN and biometrics are in circulation, because the only evidence otherwise is the word of extortionists. Second, the payment surfaced through blockchain analysis, not disclosure. Residents learned the size and nature of their government’s response from researchers tracing Bitcoin, a year after the fact. Public bodies spending public money to suppress publication of the public’s data, silently, is a transparency failure layered on a security failure.

The extortion-without-encryption model is now the growth segment of cybercrime — data-theft-only incidents keep rising because backups defeat encryption but nothing defeats possession. Kairos just demonstrated the business case: no malware development, one intrusion, seven figures.

The pattern

A defense agency that couldn’t read its own alerts. A protection tool that attacked its users. A government that paid to keep its residents’ exposure quiet. In each case the failure wasn’t exotic — unread email, an unreviewed package release, an undisclosed wire of public funds. The institutions guarding the perimeter keep proving the perimeter is guarded by people, and the people are busy.

Assume the guardian will fail: unique credentials, MFA, frozen credit, and skepticism as a default posture. It’s not cynicism — as of this week, it’s just the record.