>Valadon said he reached out because the owner in this case wasn’t responding and the information exposed was highly sensitive.
obviously leaking the credentials itself is crazy, given that it's (a contractor to) CISA, but to not respond when notified? crazy crazy.
but wait! it gets worse somehow
"“AWS-Workspace-Firefox-Passwords.csv” — listed plaintext usernames and passwords for dozens of internal CISA systems"
while i understand and sympathize with the fact that CISA is kind of being gutted, a passwords.csv with weak passwords is inexcusable incompetence. not much budget is required for a password manager.
embarrassing all around.
Not defending this person, but it's obvious that this person used Github as a file-sync. Firefox-passwords.html and firefox-bookmarks.html are what you dump before migrating to a new computer and importing them there. An old school practice before FF sync was around.
This is mentioned in the article but it stood out enough to call it here.
On the one hand CISA is being gutted, and on the other hand there is ever-increasing rhetoric about cybersecurity, national interests, critical infrastructure...
Most of the folks I know who were with CISA were purged with the January-March 2025 Doge campaign. 0 notice: "we 20 year olds don't understand what you do so you're fired".
A group was working on Diebold voting insecurity, and foreign implant hacking. Gone.
The first "hack" I ever reported was when I found a plaintext passwords file on my high school computer network...in 1987. The more things change, the more they stay the same.
DOGE. It's DOGE. This is just things going according to plan for people that think the US government is too powerful or that there is a fortune to be made in stealing public sector resources and privatizing them.
It is a bad plan that has and will continue to harm people, but it is intentional.
Dealing with IT departments run wild with cyber security monkeys that can only follow checklists with no independent thought.
The spreadsheet of passwords is a tad more common than it should be because the password managers don't meet whatever arbitrary checklist of invented cyber security requirements they blindly follow. But Excel does.
Lol
Sure, it could be incompetence. It could also be an intentional strategy to tie up CISA/DHS resources, poison or obstruct CISA/DHS investigations/operations, open up systems to sunlight and journalism, or cause general chaos.
The not-responding-when-notified part makes me think it's not just incompetence.
The word you're looking for is "gross negligence"