In February 2025, twin brothers Muneeb and Sohaib Akhter, previously convicted in 2015 for hacking the U.S. State Department while working as federal contractors, were fired from Opexus, a Washington D.C.-area firm providing case management software to over 45 federal agencies. Minutes after their remote termination meeting, with inadequate offboarding leaving Muneeb's access intact, the brothers allegedly initiated a 56-minute rampage that resulted in the deletion of approximately 96 government databases. These contained sensitive FOIA records, investigative files, EEOC complaints, IRS taxpayer data, and DHS production systems, with commands like "DROP DATABASE dhsproddb" executed in rapid succession. One minute after deleting a key DHS database, Muneeb reportedly queried an AI tool on how to clear SQL server logs and Windows event logs, illustrating an emerging fusion of generative AI with insider threats.

This incident, culminating in Sohaib Akhter's federal jury conviction on May 7, 2026 for conspiracy to commit computer fraud, password trafficking, and related charges, reveals far more than a simple revenge firing gone wrong. Opexus admitted its background checks—limited to roughly seven years—missed the brothers' decade-old felonies, despite the company's FedRAMP-certified platforms handling sensitive government data on Ashburn, Virginia servers. The firm later stated that "additional diligence should have been applied," and those involved in the hiring are no longer employed there. Prior to termination, the brothers had already been abusing access for weeks, harvesting over 5,400 usernames and passwords and exfiltrating data including EEOC complainant emails.

Beyond the immediate operational disruption—permanently losing certain FOIA requests and compromising transparency mechanisms—this case underscores critical vulnerabilities in the government's reliance on contractors for core functions like audit processing, congressional correspondence, and public records. It connects to a broader pattern of insider threats that mirror state-sponsored cyber operations amid escalating digital warfare between nations. Where geopolitical actors use proxies for deniability, disgruntled individuals with privileged access can achieve comparable destruction through personal retaliation, exposing how weak vetting, flawed access revocation, and insufficient monitoring create single points of failure in outsourced infrastructure. The prior 2015 convictions, which involved stealing data on coworkers and investigators, should have been a permanent bar; instead, they slipped through, raising questions about systemic gaps in continuous evaluation and the outsourcing model's inherent risks. As federal agencies increasingly depend on third-party platforms for sensitive workflows, incidents like this accelerate the need for zero-trust architectures, AI-powered anomaly detection, and stricter lifelong screening for roles involving government data—lest personal grievances scale into national security breaches.