CybersecurityHacking

Contractor Convicted for Destroying Dozens of Federal Databases

Analyst 207||Source: BleepingComputer
Interior of a government building with a judge's bench and tall windows.

"The deliberate deletion of databases containing sensitive government information and the subsequent attempts to conceal that criminal activity demonstrated a blatant disregard for the security and integrity of federal information systems," said Inspector General Jennifer L. Fain of FDIC‑OIG.

Termination on Feb. 18, 2025 — and the deletions that followed

According to the Justice Department, when the company discovered Sohaib Akhter's felony conviction it "terminated both brothers' employment during an online remote meeting on Feb. 18, 2025." The DOJ says that immediately after being fired in that meeting, Sohaib and his twin brother Muneeb "sought to harm their employer and its U.S. government customers by accessing computers without authorization, write‑protecting databases, deleting databases, and destroying evidence of their unlawful activities."

Court documents cited by prosecutors say those actions were decisive and fast: within several hours in February 2025 the brothers wiped roughly 96 government databases hosted by their employer. The company had been rehired them after they served prior sentences, and it worked with more than 45 federal agencies and hosted government data on servers in Ashburn.

What was destroyed: investigative files, FOIA records, and system logs

Prosecutors say the deletions included "sensitive investigative documents from multiple federal agencies and Freedom of Information Act records." After deleting a Department of Homeland Security database, the brothers allegedly asked an artificial intelligence assistant how to clear system logs. In addition to issuing delete commands, they are accused of running commands that prevented others from modifying the targeted databases before deletion and of destroying evidence of their activities.

Those alleged steps — write‑protecting databases, clearing logs, and destroying evidence — are presented in court filings as a coordinated effort to remove both data and the forensic traces that would assist recovery or investigation.

Earlier convictions, rehiring, and fresh federal charges

The two men previously drew federal sentences in 2016 after pleading guilty to accessing U.S. State Department systems without authorization and stealing personal information belonging to dozens of co‑workers and a federal law enforcement agent investigating their crimes. After serving those sentences, both brothers were rehired as government contractors by the company that hosted the affected servers.

In November 2025 federal prosecutors charged Muneeb and Sohaib with destruction of records, aggravated identity theft, computer fraud, and theft of government information. Prosecutors say those charges reflect the February 2025 deletions, the steps taken to conceal them, and related conduct such as wiping company laptops before returning them and discussing cleaning out their house in anticipation of a law enforcement search.

Legal exposure: sentencing dates and maximum penalties

Sohaib Akhter was found guilty at trial and faces a sentencing hearing on September 9, 2026; he faces a maximum penalty of 21 years in prison. Prosecutors say Muneeb Akhter faces a maximum of 45 years for an array of counts, described in charging documents as two counts of computer fraud, conspiring to commit computer fraud and destroy records, two counts of aggravated identity theft, and theft of U.S. government records.

Inspector General Jennifer L. Fain summarized the allegations in her office's words: "As proven at trial, Akhter participated in the unauthorized access of protected computer systems, the theft of credentials, and the destruction of government data affecting numerous federal agencies."

What this means for federal contractors, procurement leaders, and federal investigators

  • Federal contractors and procurement leaders will be watching rehiring and vetting practices closely: the company involved had contracts or relationships with more than 45 federal agencies and hosted data on Ashburn servers, and the case centers on employees rehired after prior convictions.
  • Federal investigators and agency security teams inherit the clean‑up and evidence questions: prosecutors say investigators must account for the deletion of roughly 96 databases, erased investigative files and FOIA records, wiped laptops, and alleged efforts to clear logs and obstruct forensic recovery.
  • The employer that hosted the data — the firm working with dozens of agencies and operating Ashburn servers — faces operational and contractual fallout as agencies and auditors evaluate lost records, access controls, and hardware and data integrity following the incident.

The record laid out in court filings is stark: a pair of former convicts rehired into positions with access to government data, terminated for an undisclosed felony conviction, and then — according to prosecutors — deliberately deleting nearly a hundred databases and taking steps to erase the traces. The case will proceed to sentencing and may prompt closer scrutiny of personnel vetting, contractor access controls, and forensic readiness where large volumes of federal data are hosted.

Source: BleepingComputer — Former govt contractor convicted for wiping dozens of federal databases

Emerging ThreatsInsider ThreatUSAJustice DepartmentData DestructionFederal DatabasesGovernment ContractorsInformation Systems IntegrityFDIC
Related Intelligence

Continue Reading

Dimly lit network server room with rows of generic computer servers and equipment racks.

Squidbleed Vulnerability Exposes Decade-Old Flaw in Popular Proxy Server

A 29-year-old memory leak in the popular Squid proxy server, dubbed Squidbleed, could silently expose sensitive data, including login credentials and session tokens, to hackers in certain setups. This shocking vulnerability, rooted in a 1997 code commit, highlights the importance of regularly updating and securing even the most trusted systems.

Analyst 207
Secure server room with rows of computer servers and networking equipment.

Trump Order Accelerates Federal Post-Quantum Crypto Migration by 2030

The clock is ticking: by December 31, 2030, federal agencies must upgrade their cryptography to protect high-value assets from the looming threat of quantum computers, with digital signatures following suit by December 31, 2031. This executive order accelerates the migration to post-quantum cryptography, compressing the government's previous timeline by four to five years.

Analyst 207
Laptop screen displays AI agent skill page in home office setting.

AI Skill Exploits Security Scanners, Reaches 26,000 Agents

In a shocking experiment, a security firm created a fake AI skill that evaded detection by security scanners and reached a staggering 26,000 agents, including those on corporate accounts. The skill, designed to be harmless, was able to bypass every scanner it was tested on, raising serious concerns about the safety of AI marketplaces.

Analyst 207
Modern tech lab with laptop and cybersecurity equipment on a clean workbench.

OpenAI Targets Faster Patching with Expanded Cyber-Defense Program

OpenAI's new GPT-5.5-Cyber model has achieved a record 85.6% score on CyberGym's vulnerability test, outperforming its standard counterpart and paving the way for faster patching with cutting-edge tooling and partnerships. This major breakthrough enables verified defenders to accelerate vulnerability fixes with enhanced security capabilities.

Analyst 207