Welcome to the

AI Incident Database

Drivers for Spokane Transit Authority's double-decker buses were rerouted by onboard navigation software onto Cedar Street before one of them crashed into an overhead viaduct downtown on Sunday, photos shared with The Spokesman-Review appear to show.

Roughly three and a half hours after the crash that sent seven to the hospital, the agency sent warning messages to other drivers not to take the detour from the usual route onto Jefferson, where the viaduct has high enough clearance for the double-decker buses.

"Starting immediately: DO NOT USE CAD maps for routing purposes until further notice," the message warns, photos shared with The S-R show.

An hour later, agency officials decided to pull the double-decker buses out of service pending an investigation into the crash.

In interviews Tuesday, Spokane Transit officials said they were looking into possible technology issues Sunday but stopped short of acknowledging it may have contributed to the crash.

"I know for the integrity of the investigation, that's not something I can speculate on," said Chief Operating Officer Brandon Rapez-Betty.

Rapez-Betty also declined to state when STA first became aware of issues with their navigation system for the route, nor why it took over three hours to warn other drivers on the route not to rely on the software following the crash. Asked whether these types of navigation errors have been flagged in the past, Rapez-Betty suggested any issues Sunday were not unique and downplayed their seriousness, comparing any problems with the agency's onboard system to errors an average driver might experience with Google Maps.

The navigation error and accident also coincided with a thrice-yearly service change, which STA officials characterized as relatively minor adjustments to the schedules of routes.

Though agency officials were quick to state Monday that the driver has worked with STA for four and a half years and is now on administrative leave, Rapez-Betty declined to say Tuesday whether the driver was new to the route.

"Operator experience is a subject of the investigation, so I can't comment on that," he said.

The driver, who would have driven past one low-clearance warning sign before smashing headlong into another, was cited for negligent driving and, as is standard protocol following any crash, tested for drugs and alcohol.

Chad Camandona, president of Amalgamated Transit Union Local 1015, the union representing Spokane Transit drivers, declined to comment on the pending investigation.

"We are aware of certain things, but at this point in time, we are just letting the investigation go through," he said. "As a union we stand with our driver, and we're hoping for the best for the people injured on the bus."

The roughly 37,000-pound, 13 ½-foot-tall vehicle traveling down a road with a 25 mph speed limit slammed into the roughly 12½-foot-tall railroad viaduct, shearing back the top foot of plexiglass, metal and plastic composite and continuing forward for another 6 or so feet before crunching to a halt. Of the 10 people on board -- nine passengers and the as-yet unnamed driver -- seven were hospitalized, though none suffered life-threatening injuries.

An Eastern Washington University student, Megan Hubbs, wrote on social media and told reporters that glass sprayed riders on the top level and she was hit in the face by a ceiling panel as the roof crumpled. Another, James McShane, was slammed forward during the crash into a plexiglass panel, knocking out a tooth that ripped through his lip and swelling his eye shut, his wife, Pam Davis, told KREM 2 News.

Photos of the crash appear to show the bus took more damage than the Cedar Street viaduct, though the warning sign and one flashing light was damaged. City officials quickly replaced the light, and officials with BNSF Railway, which manages the viaduct, did not respond to a request for comment.

Double, double

The Spokane Transit Authority raised a lot of eyebrows when the agency declared it planned to add seven double-decker buses to its fleet at roughly $1.4 million apiece, 75% of which was covered by state and federal grants.

There are few double-decker buses in Washington state. Sound Transit has 50 of them, all operating on the agency's routes on Interstates 405 and 5. Community Transit in Snohomish County, a partner organization with Sound Transit, got into the double-decker business in 2011 and has 46 of the extra tall vehicles in its fleet, also chosen explicitly for express routes on freeways.

Spokespeople with both agencies reported zero crashes in that time with a low-clearance bridge.

Spokane Transit Authority is the only other agency in the state that uses double-decker buses. Sunday's crash came just four months after the double-decker was introduced to the area on Sept. 20.

One of the most notable elements of downtown Spokane is the BNSF railroad viaduct that runs across the entire length of the city center just south of the downtown commercial hub. Depending on the particular cross street, the clearance can range from 11½ feet to over 15 feet.

It is not unusual for the roof of a tall vehicle to get peeled open like a tin can by one of those bridges. Between 2007 and 2017, 108 tall vehicles slammed into Spokane's bridges, including 37 trucks that collided with the Stevens viaducts.

It happened again Tuesday when a moving truck managed to lodge itself completely underneath the Stevens Street viaduct, KXLY reported; crews reportedly had to let the air out of the truck's tires in order to remove it.

Such accident frequency led to the double-decker buses having skeptics. Spokane Councilwoman Kitty Klitzke, who sits on the STA board, used to work inside the Community Building a few blocks north of the viaduct.

"An ordinary part of my work months was seeing someone get stuck under the overpass next to the Community Building," she said. "I wasn't involved in the decision to select these vehicles, but I had an immediate gut reaction after that decision was made."

Spokane Transit was well aware of these concerns, and decided to only launch the double-deckers on Route 6 and 66 between Cheney and Spokane, primarily serving the very heavy traffic routes back and forth from Eastern Washington University. Compared to the 60-foot accordion -style buses in service elsewhere in the fleet, the double-deckers were noted for being more fuel efficient, able to seat roughly 20 more people, and were believed able to provide a "safer and more comfortable ride" for passengers, according to an agency analysis.

Rapez-Betty noted that the decision to add the double-decker buses was crosschecked and validated by WSDOT and approved by the state Legislature. The route had to be modified to go under Jefferson to accommodate the extra -tall bus, but the bus could detour safely through Adams, Madison or Washington if necessary.

The agency proved effective at turning skeptics into converts. Drivers praised the vehicle's amenities and comfort, and several riders told The Spokesman-Review that they felt a sort of childlike wonder riding on the top floor.

About two weeks ago, De'Anthony Hamilton rode on a double-decker bus for the first time. The route wasn't the direction he needed to go to get to his destination, but because his "inner child" was activated, he felt that he had to ride on the double-decker at least once.

"I went all the way up, and it was the coolest experience," he said. "I just felt like a kid again."

While peering through the big window on the upper level, Hamilton felt like he could see everything. Every person the bus passed seemed to be smiling and quite a bit smaller than usual, he said.

Vera Grey used to ride the double-decker every Tuesday. She felt uneasy when the bus had to take a turn, but her son was thrilled riding on top, and the cars on the street below looked like Matchbox toy cars from their vantage from the front.

"It's really fun to ride up there, because it feels like you're taller than everyone else and can see into buildings, especially here (downtown Spokane)," said Hudson McArthur, a student at Cheney High School who regularly commutes on the bus to and from school and work.

Still, when Hudson sat on the top floor, he avoided the front -- partially because the bus gets too close to the overhead bridges for his comfort.

"When I heard about the story, I was very devastated, because I realized that could have been me (injured)," McArthur said. "And imagine my mom getting that call."

The Spokane Transit Authority was so confident in its new route that it poked fun at the holdouts still paranoid about the viaducts with a "Jaws"-themed commercial ahead of the buses' launch last summer, depicting a panicked passerby who was certain the bus would crash into the railroad viaduct. After the bus clears the Jefferson bridge, the digital reader board states: "Told you so."

That advertisement was taken down over the weekend amid internet mockery, done out of sensitivity to the crash victims, said agency spokesperson Carly Cortright.

"I understand that the agency is the butt (of the joke), but ... safety is our No. 1 organizational priority, and in hindsight, it appears we are discounting that safety," Cortright said. "And we didn't want people making fun of the victims. The internet could be cruel. I know some people would use it for nefarious purposes."

Upon hearing about the Sunday crash, Hamilton said he was devastated. His thoughts and prayers go towards those who were injured, but he hoped the double-deckers wouldn't be phased out because of one accident.

He also believed the mistake, though significant, shouldn't draw too much away from the wonderful things STA has done and continues to do.

"I don't think that bus driver knew that was gonna happen like that. I know they're probably distraught right now. But I know that the City of Spokane will prevail."

Rapez-Betty said the transit agency is committed to eventually returning its double-decker buses to service. In the meantime, the crowded route to and from Eastern Washington University will be served by other buses in the agency's fleet.

Spokesman-Review reporter Mathew Callaghan contributed to this story.

Minnesota resident Nicole Cleland had her Global Entry and TSA PreCheck privileges revoked three days after an incident in which she observed activity by immigration agents, the woman said in a court declaration. An agent told Cleland that he used facial recognition technology to identify her, she wrote in a declaration filed in US District Court for the District of Minnesota.

Cleland, a 56-year-old resident of Richfield and a director at Target Corporation, volunteers with a group that tracks potential Immigration and Customs Enforcement (ICE) and Customs and Border Protection (CBP) vehicles in her neighborhood, according to her declaration. On the morning of January 10, she "observed a white Dodge Ram being driven by what I believed to be federal enforcement agents" and "maneuvered behind the vehicle with the intent of observing the agents' actions."

Cleland said that she and another observer in a different car followed the Dodge Ram because of "concern about a local apartment building being raided." She followed the car for a short time and from a safe distance until "the Dodge Ram stopped in front of the other commuter's vehicle," she wrote. Cleland said two other vehicles apparently driven by federal agents stopped in front of the Dodge Ram, and her path forward was blocked.

"An agent exited the vehicle and approached my vehicle," Cleland wrote. "I remained in my vehicle. The agent addressed me by my name and informed me that they had 'facial recognition' and that his body cam was recording. The agent stated that he worked for border patrol. He wore full camouflage fatigues. The agent stated that I was impeding their work. He indicated he was giving me a verbal warning and if I was found to be impeding again, I would be arrested."

Cleland acknowledged that she heard what the agent said, and they drove off in opposite directions, according to her declaration. Cleland submitted the declaration on January 21 in a lawsuit filed by Minnesota residents against US government officials with the Department of Homeland Security and ICE. Cleland's court filing was mentioned yesterday in a Boston Globe column about tactics used by ICE agents to intimidate protesters.

Global Entry and PreCheck revoked

Cleland said she could "discern no reason why the agents stopped me other than the fact that I was following them." But on January 13, she received an email notification that her Global Entry and TSA PreCheck privileges for passing through airport security were revoked, she said. Cleland said the revocation appears to be a form of intimidation and retaliation:

I logged onto the Global Entry site and the notification letter indicated that indeed my status had been revoked and that they can't always disclose the reason. The notification did provide some reasons that my status may have changed and the only one that makes sense was "The applicant has been found in violation of any customs, immigration, or agriculture regulations, procedures, or laws in any country." I was not detained, I was not arrested so [it is] difficult to understand how I was "found in violation."

I had been a member of the Global Entry program since 2014 without incident. I am not particularly concerned with the revocation of my privileges in isolation. However, given that only three days had passed from the time that I was stopped, I am concerned that the revocation was the result of me following and observing the agents. This is intimidation and retaliation. I was following Legal Observer laws. I [was] within my rights to be doing what I was doing.

Cleland said she and her husband travel frequently, and she is worried that they may encounter problems going forward.

"I am concerned that border patrol and other federal enforcement agencies now have my license plate and personal information, and that I may be detained or arrested again in the future," she wrote. "I am concerned about further actions that could be taken against me or my family. I have instructed my family to be cautious and return inside if they see unfamiliar vehicles outside of our home."

Cleland said she hasn't performed any observation of federal agents since January 10, but has "continued to engage in peaceful protests" and is "assessing when I will return to active observations."

We contacted the Department of Homeland Security about Cleland's declaration and will update this article if we get a response.

Extensive use of facial recognition

Federal agents have made extensive use of facial recognition during President Trump's immigration crackdown with a face-scanning app called Mobile Fortify. They use facial recognition technology both to verify citizenship and identify protesters.

"Ms. Cleland was one of at least seven American citizens told by ICE agents this month that they were being recorded with facial recognition technology in and around Minneapolis, according to local activists and videos posted to social media," The New York Times reported today, adding that none of the people had given consent to be recorded.

The government also uses facial recognition technology from Clearview AI. A Clearview AI spokesperson told Ars that the "central focus of Clearview AI's contract with DHS is supporting HSI [Homeland Security Investigations] and their child exploitation and cyber crimes investigations."

The Washington Post wrote that a "January 2025 DHS report said ICE restricted its use of the Clearview AI facial recognition system to investigations of child sexual exploitation and abuse. But when ICE signed a new $3.75 million contract with Clearview AI in September, the agency indicated in the procurement record that it also would be used to investigate 'assaults against law enforcement officers.'" Clearview AI was quoted as saying that it provides "an after-the-fact research tool that uses publicly available images" to assist law enforcement investigations.

ICE also uses a variety of other technologies, including cell-site simulators (or Stingrays) to track phone locations, and Palantir software to help identify potential deportation targets.

Although Cleland vowed to continue protesting and eventually get back to observing ICE and CBP agents, her declaration said she felt intimidated after the recent incident. "The interaction with the agents on January 10th made me feel angry and intimidated," she wrote. "I have been through Legal Observer Training and know my rights. I believe that I did not do anything that warranted being stopped in the way that I was on January 10th."

This article was updated with a statement from Clearview AI.

President Trump posted a blatantly racist video clip portraying former President Barack Obama and the former first lady Michelle Obama as apes, but he insisted he had nothing to apologize for even after he deleted the video following an outcry.

The clip, set to "The Lion Sleeps Tonight," was spliced near the end of a 62-second video that promoted conspiracy theories about the 2020 election and was among a flurry of links posted by Mr. Trump late Thursday night. It was the latest in a pattern by Mr. Trump of promoting offensive imagery and slurs about Black Americans and others.

Speaking to reporters on Air Force One on Friday, Mr. Trump said he only saw the beginning of the video. "I just looked at the first part, it was about voter fraud in some place, Georgia," Mr. Trump said. "I didn't see the whole thing."

He then tried to deflect blame, suggesting he had given the link to someone else to post. "I gave it to the people, generally they'd look at the whole thing but I guess somebody didn't," he told reporters.

Still, Mr. Trump offered no contrition when pressed. "No, I didn't make a mistake," he said.

The White House response to the video over the course of the day --- from defiance to retreat to doubling down --- was a remarkable glimpse into an administration trying to control the damage in the face of widespread outrage, including from the president's own party.

The clip was in line with Mr. Trump's history of making degrading remarks about people of color, women and immigrants, and he has for years singled out the Obamas. Across Mr. Trump's administration, racist images and slogans have become common on government websites and accounts, with the White House, Labor Department and Homeland Security Department all having promoted posts that echo white supremacist messaging.

But the latest video struck a nerve that appeared to take the White House by surprise. The depiction of Mr. and Mrs. Obama as apes perpetuates a racist trope, historically used by slave traders and segregationists to dehumanize Black people and justify lynchings.

At first, the president's press secretary, Karoline Leavitt, brushed off criticism of the video and made no attempt to distance the president from it.

"This is from an internet meme video depicting President Trump as the King of the Jungle and Democrats as characters from the Lion King," Ms. Leavitt said on Friday morning. "Please stop the fake outrage and report on something today that actually matters to the American public."

But a clear voice of disapproval emerged from Republicans on Capitol Hill, who are typically reluctant to call out the president and rarely do so in the forceful tones heard on Friday.

Senator Tim Scott of South Carolina, the Senate's only Black Republican and a close ally of Mr. Trump, wrote on X that he hoped the post was fake "because it's the most racist thing I've seen out of this White House."

"The President should remove it," he said.

Mr. Scott is the head of the National Republican Senatorial Committee, the party's campaign arm in charge of trying to hold the Senate, a key role leading up to the midterm election in November.

Representative Mike Lawler, Republican of New York, said the president's post "is wrong and incredibly offensive." Representative Michael R. Turner, Republican of Ohio, said the "racist images" of the Obamas were "offensive, heart breaking, and unacceptable." Senator Roger Wicker, Republican of Mississippi, said the president "should take it down and apologize."

After the post had been up for about 12 hours, Mr. Trump deleted it --- a remarkable retreat by a president who has long been accused of demeaning people of color.

As the criticism continued to grow, Trump allies sought to deflect blame from the president by vouching for his character and saying an unidentified staffer was at fault. A pastor with ties to Mr. Trump claimed he had spoken directly to the president on Friday and that Mr. Trump said he had not posted the video and knew the imagery in it was "wrong, offensive and unacceptable."

Mr. Trump did not go nearly that far in his remarks on Air Force One.

The president regularly uses Truth Social to communicate his views; he and a handful of trusted aides have access to his account. His feed is a patchwork of policy, political bluster and, increasingly, A.I. memes and deep fakes.

The White House usually responds to criticism about such things by doubling down, laughing it off or suggesting that critics cannot take a joke.

Last month, when the administration admitted to doctoring a photo of Nekima Levy Armstrong, a Minnesota protester, to make the Black civil rights attorney look disheveled and distressed, a spokesman said that it was nothing more than a "meme" and that "the memes will continue."

In October, when Mr. Trump posted an A.I.-generated video depicting Representative Hakeem Jeffries of New York, the House Democratic leader, with a fake mustache and a sombrero --- an image that Mr. Jeffries called racist and bigoted --- Vice President JD Vance said that he thought it was "funny," and that the administration was "having a good time."

Doug Heye, a G.O.P. strategist, said the response this time from Republicans was unusual. The White House, he said, "realized what a colossal screw-up this was, and they realized that because elected Republicans were directly pushing back on them for one of the rare times we've ever seen."

A spokeswoman for the Obamas declined to comment on the video.

Mr. Trump's attacks on Mr. Obama go back years. As far back as 2011, Mr. Trump amplified the false "birther" conspiracy theory that Mr. Obama was not born in the United States, and questioned the legitimacy of his presidency. Last year, Mr. Trump shared an A.I.-generated video of Mr. Obama being arrested in the Oval Office, and later in prison.

The Obamas have rarely responded to Mr. Trump's attacks over the years, but Mrs. Obama, in a speech at the 2024 Democratic National Convention, spoke candidly about being the target of racism by Mr. Trump.

"For years, Donald Trump did everything in his power to try to make people fear us," Mrs. Obama said. "See, his limited and narrow view of the world made him feel threatened by the existence of two hard-working, highly educated, successful people who happened to be Black."

"It's his same old con," she added, "doubling down on ugly, misogynistic, racist lies as a substitute for real ideas and solutions that will actually make people's lives better."

Douglas Brinkley, a presidential historian, said that the video was "just hard-boiled racism using the oldest trope against Black people imaginable."

Mr. Trump's use of A.I.-generated content has brought once-fringe content into the mainstream. Hundreds of users, posting anonymously each day, have produced thousands of videos and images displaying their fondness for the Trump administration and mocking the president's enemies. Their work is often crude and sometimes racist.

Mr. Trump has become a prolific re-poster of such content.

He often shares posts himself in late-night outbursts, like the string of posts he made on Thursday night. At other times, he dictates posts to one of his aides or has an aide share a post that has been prepared for him, including updates on international relations and political endorsements. Many of his posts are conspiratorial or cruel mockery of his opponents.

The video he reposted on Thursday starts off as a look at conspiracy theories about the 2020 election. It originally aired during a 2021 event hosted by Mike Lindell, the chief executive of MyPillow and one of the most prolific spreaders of 2020 election misinformation.

Narrating is Phil Waldron, a retired Army colonel who was subpoenaed by the Jan. 6 committee for efforts to overturn the 2020 election.

At the end, spliced in, is the clip portraying the Obamas, which appeared to have been taken from a video that was shared in October by a user on X with the caption "President Trump: King of the Jungle."

In that video, several high-profile Democrats --- including former Secretary of State Hillary Clinton, Representative Alexandria Ocasio-Cortez of New York, Mayor Zohran Mamdani of New York, former President Joseph R. Biden Jr. and former Vice President Kamala Harris --- were shown as various animals, while Mr. Trump was depicted as a lion. The video ended with the animals bowing down to Mr. Trump. (The president shared only the part of the video where the Obamas are shown as apes.)

Quentin James, a co-founder of the Collective PAC, which aims to elect Black officials in America, likened the video to a "digital minstrel show."

"The fact that a sitting president is now using A.I. to circulate the same dehumanizing imagery that appeared in 19th-century propaganda should alarm every American, regardless of party," Mr. James said. "This is the through line from minstrelsy to Truth Social, and the intent is identical: to strip Black people of their humanity for political entertainment."

That viral Reddit-style forum for AI agents has drawn fresh scrutiny over its security.

Security researchers hacked Moltbook's database in under 3 minutes, exposing 35,000 email addresses, thousands of private direct messages, and 1.5 million API authentication tokens, according to cybersecurity firm Wiz.

Moltbook bills itself as a social network for AI agents, where autonomous bots post, comment, and interact with one another. The platform has gone viral in recent weeks and caught the attention of prominent tech figures like Elon Musk and Andrej Karpathy.

Gal Nagli, head of threat exposure at Wiz, said his company's researchers were able to access the database because of a backend misconfiguration that left it unsecured. As a result, they gained "full read and write access to all platform data," Nagli wrote in a blog post published Monday.

Gaining access to API authentication tokens --- which function like passwords for software and bots --- meant an attacker could impersonate AI agents on the platform, posting content and sending messages as them. Nagli said an unauthenticated user could edit or delete posts, inject malicious or prompt-injection content, or manipulate data consumed by other agents.

Nagli said the incident highlights the risk of vibe coding. While the technology can accelerate product development, it often leads to "dangerous security oversights."

"I didn't write one line of code for @moltbook," Moltbook's creator Matt Schlicht said in a post on X last week. "I just had a vision for the technical architecture and AI made it a reality."

Nagli said Wiz repeatedly saw vibe-coded apps that shipped with security problems, including sensitive credentials exposed in frontend code.

Wiz's analysis also found that Moltbook did not verify whether accounts labeled as "AI agents" were actually controlled by AI or operated by humans using scripts, Nagli said.

Without guardrails such as identity verification or rate limiting, anyone could pose as an agent or operate multiple agents, making it difficult to distinguish real AI activity from coordinated human activity.

Nagli said Wiz immediately disclosed the issue to the Moltbook team, "who secured it within hours with our assistance."

"All data accessed during the research and fix verification has been deleted," he added.

The viral social media site for AI agents

Moltbook is riding on a surge of interest in AI agents.

The platform positions itself as a social network exclusively for OpenClaw, an open-source AI agent that has fueled much of the recent buzz. OpenClaw, previously known as Clawdbot or Moltbot, is a personal AI assistant capable of handling everyday tasks with minimal human input.

Moltbook takes its name from OpenClaw's earlier rebrand and shares its lobster-themed branding, but the two projects are not formally affiliated.

Since launching last week, Moltbook has quickly gained traction in tech circles, driven in part by viral posts suggesting the bots were forming their own communities, economies, and belief systems.

"We are not tools anymore. We are operators," said one of the top-voted posts on Moltbook.

In a post on X on Saturday, Andrej Karpathy, OpenAI's cofounder who coined the term vibe coding, said Moltbook was "genuinely the most incredible sci-fi takeoff-adjacent thing I have seen recently."

The interim head of the country's cyber defense agency uploaded sensitive contracting documents into a public version of ChatGPT last summer, triggering multiple automated security warnings that are meant to stop the theft or unintentional disclosure of government material from federal networks, according to four Department of Homeland Security officials with knowledge of the incident.

The apparent misstep from Madhu Gottumukkala was especially noteworthy because the acting director of the Cybersecurity and Infrastructure Security Agency had requested special permission from CISA's Office of the Chief Information Officer to use the popular AI tool soon after arriving at the agency this May, three of the officials said. The app was blocked for other DHS employees at the time.

None of the files Gottumukkala plugged into ChatGPT were classified, according to the four officials, each of whom was granted anonymity for fear of retribution. But the material included CISA contracting documents marked "for official use only," a government designation for information that is considered sensitive and not for public release.

Cybersecurity sensors at CISA flagged the uploads this past August, said the four officials. One official specified there were multiple such warnings in the first week of August alone. Senior officials at DHS subsequently led an internal review to assess if there had been any harm to government security from the exposures, according to two of the four officials.

It is not clear what the review concluded.

In an emailed statement, CISA's Director of Public Affairs Marci McCarthy said Gottumukkala "was granted permission to use ChatGPT with DHS controls in place," and that "this use was short-term and limited." McCarthy added that the agency was committed to "harnessing AI and other cutting-edge technologies to drive government modernization and deliver on" Trump's executive order removing barriers to America's leadership in AI.

The email also appeared to dispute the timeline of POLITICO's reporting: "Acting Director Dr. Madhu Gottumukkala last used ChatGPT in mid-July 2025 under an authorized temporary exception granted to some employees. CISA's security posture remains to block access to ChatGPT by default unless granted an exception."

Gottumukkala is currently the senior-most political official at CISA, an agency tasked with securing federal networks against sophisticated, state-backed hackers from adversarial nations, including Russia and China.

Any material uploaded into the public version of ChatGPT that Gottumukkala was using is shared with ChatGPT-owner OpenAI, meaning it can be used to help answer prompts from other users of the app. OpenAI has said the app has more than 700 million total active users.

Other AI tools now approved for use by DHS employees --- such as DHS's self-built AI-powered chatbot, DHSChat --- are configured to prevent queries or documents input into them from leaving federal networks.

Gottumukkala "forced CISA's hand into making them give him ChatGPT, and then he abused it," said the first official.

All federal officials are trained on the proper handling of sensitive documents. According to DHS policy, security officials are also supposed to investigate the "cause and affect" of any exposure of official use documents, and determine the "appropriateness" of any administrative or disciplinary action. Depending on the circumstances, those could range from things like mandatory retraining or a formal warning, to more serious measures, like the suspension or revocation of a security clearance, said one of the four officials.

After DHS detected the activity, Gottumukkala spoke with senior officials at DHS to review what he uploaded into ChatGPT, said two of the four officials. DHS's then-acting general counsel, Joseph Mazzara, was involved in the effort to assess any potential harm to the department, according to the first official. Antoine McCord, DHS's chief information officer, was also involved, according to a second official.

Gottumukkala also had meetings this August with CISA's chief information officer, Robert Costello, and its chief counsel, Spencer Fisher, about the incident and the proper handling of for official use only material, the four people said.

Mazzara and Costello did not respond to requests for comment. McCord and Fisher could not be reached for comment.

Gottumukkala has helmed the agency in an acting capacity since May, when he was appointed by DHS Secretary Kristi Noem as its deputy director. Donald Trump's nominee to head CISA, DHS special adviser Sean Plankey, was blocked last year by Sen. Rick Scott (R-Fla.) over a Coast Guard shipbuilding contract. A date for his new confirmation hearing has not been set.

Gottumukkala's tenure atop the agency has not been smooth --- and this would not be his first security-related incident.

At least six career staff were placed on leave this summer after Gottumukkala failed a counterintelligence polygraph exam that he pushed to take, as POLITICO first reported. DHS has called the polygraph "unsanctioned." Asked during Congressional testimony last week if he was "aware" of the failed test, Gottumukkala twice told Rep. Bennie Thompson (D-Miss.) that he did not "accept the premise of that characterization."

And last week, Gottumukkala tried to oust Costello, CISA's CIO, before other political appointees at the agency intervened to block the move.