Virginia Man Found Guilty of Deleting 96 Government Databases

The federal jury’s conviction of Sohaib Akhter marks a rare, high‑profile prosecution for insider sabotage of government data. Akhter, a 34‑year‑old Virginia resident, was found guilty of conspiracy to commit computer fraud, password trafficking, and illegal firearm possession after he and his twin brother systematically accessed, write‑protected, and erased 96 databases belonging to agencies such as the EEOC. The breach began when Akhter supplied his brother with a stolen password, allowing unauthorized entry into a complainant’s email account and triggering a cascade of data deletions.

Beyond the headline, the case underscores a systemic vulnerability: contractors and third‑party vendors often hold privileged access to sensitive federal systems without the same vetting as direct employees. The unnamed Washington‑based software firm, which services more than 45 agencies, failed to detect the brothers’ prior felony records, allowing them to retain credentials that could be weaponized. Experts argue that a zero‑trust architecture, continuous monitoring, and stricter background‑check protocols are essential to mitigate insider threats that can bypass perimeter defenses and cause irreversible data loss.

Legally, Akhter’s upcoming sentencing on September 9 could result in a maximum of 21 years behind bars, reflecting the Justice Department’s intent to deter similar attacks. The conviction also sends a clear message to federal contractors that negligence in hiring and credential management will be met with severe criminal penalties. Policymakers are likely to push for tighter supply‑chain security mandates, including mandatory breach‑response drills and real‑time audit trails for all cloud‑based government workloads. Such measures aim to protect the integrity of public data and restore confidence in digital government services.