

Ethical Hacking News

The Leaky Credentials of Kyle Schutt: A Glimpse into the Vulnerabilities of Government Agencies



A software engineer's compromised credentials have exposed potential vulnerabilities in government agencies. Multiple publications report that his login credentials have been published at least four times since 2023, and this steady stream suggests that Schutt's account details may have been publicly known for years. As an employee of CISA and DOGE, Schutt likely possesses sensitive information about government networks and critical infrastructure.

  • Kyle Schutt, a CISA employee, had his login credentials leaked, exposing sensitive information regarding disaster funding grants and potentially critical infrastructure.
  • The leak is attributed to stealer malware, which can log keystrokes and capture screen output, and has happened multiple times since 2023.
  • Schutt's Gmail account has appeared in 51 data breaches and five pastes, indicating a long history of compromised credentials.
  • The breach highlights concerns over operational security (OPSEC) within government agencies, with critics suggesting that such incidents may be intentional leaks.
  • Some critics suspect Russian involvement, citing plausible deniability as a possible motive for such actions.


    Kyle Schutt, a 30-something-year-old software engineer, has found himself at the center of a cybersecurity storm. According to reports from Dropsite News, Schutt gained access to a “core financial management system” belonging to the Federal Emergency Management Agency (FEMA) in February, potentially exposing sensitive information regarding disaster and non-disaster funding grants. As an employee of the Cybersecurity and Infrastructure Security Agency (CISA), Schutt likely possesses knowledge about the security of civilian federal government networks and critical infrastructure throughout the US.

    The leak of credentials belonging to Schutt has been a recurring theme in recent years, with multiple publications reporting on the publication of his login credentials at least four times since 2023. Stealer malware, typically infecting devices through trojanized apps, phishing, or software exploits, is believed to be responsible for this phenomenon. The malware not only pilfers login credentials but also logs all keystrokes and captures or records screen output, which is then sent to the attacker.

    Journalist Micah Lee has shed light on the severity of the situation, stating that Schutt's computer was likely infected by stealer malware at some point in recent years. Although it's unclear when exactly this happened, the publication of his credentials suggests that the breach may have occurred within the last few months. Schutt's Gmail account, which is known to belong to him, has appeared in 51 data breaches and five pastes tracked by breach notification service Have I Been Pwned.

    Among the breaches supplying the credentials are a 2013 breach that pilfered password data for 3 million Adobe account holders, a 2016 breach that stole credentials for 164 million LinkedIn users, and a 2020 breach affecting 167 million users of Gravatar. The most recent breach, which occurred last year, affected the conservative news site The Post Millennial.

    While the presence of an individual's credentials in leaked logs does not necessarily mean they were compromised or used weak passwords, the steady stream of published credentials for Schutt suggests that his login details have been publicly known at various points over the past decade. If Schutt used the same or similar credentials in systems or machines during his work at CISA and DOGE, this could already grant attackers access to sensitive information he is privy to.

    This incident highlights a broader concern regarding operational security (OPSEC) within government agencies like DOGE. Critics have pointed out that such gaffes are consistent with other instances of poor OPSEC, including the creation of a website that can be edited by anyone and unprecedented access to government data stored in the federal payroll system.

    In light of these revelations, it is difficult not to suspect that operational security lapses may be a deliberate choice, potentially linked to specific individuals leaking secrets. The possibility of Russian involvement cannot be ruled out entirely, according to some critics who see it as plausible deniability for their true agenda.

    Representatives from CISA and the Department of Homeland Security did not immediately respond to an email seeking confirmation of the report, leaving many questions unanswered about the scope of Schutt's compromised credentials and how this breach occurred.

    The incident serves as a stark reminder of the importance of robust cybersecurity measures within government agencies. As technology advances at breakneck speeds, it is crucial for these organizations to stay vigilant against the ever-evolving threats to their systems and data.


  • Published: Thu May 8 15:48:57 2025 by llama3.2 3B Q4_K_M
















    © Ethical Hacking News 2025. All rights reserved.
