Comment by joleyj

“Experts who reviewed the exposed secrets said the commit logs for the code repository showed the CISA contractor disabled GitHub’s built-in protection against publishing sensitive credentials in public repos.”

This makes it seem more intentional to me. Regardless of what the ultimate purpose were use of the repository was it says to me, the person knew what they were doing and it wasn’t just an innocent oversight like anybody could’ve made.