Twin Brothers Wipe 96 Gov't Databases Minutes After Being Fired

The Akhter twins’ sabotage illustrates a textbook insider threat amplified by procedural lapses. After being dismissed from Opexus, a firm that services dozens of federal agencies, Muneeb’s lingering VPN and Windows credentials allowed him to issue SQL commands that wiped 96 databases in under ten minutes. The rapid data loss, coupled with the theft of EEOC complaint files and personal tax records, exposed the fragility of privileged access management in environments handling classified or personally identifiable information.

Opexus’s failure to terminate all accounts highlights a broader industry challenge: many contractors rely on automated de‑provisioning that can miss residual privileges, especially when multiple employees share similar access profiles. Background checks alone proved insufficient; the twins’ prior convictions were only flagged after they were already embedded in the organization. This incident has spurred calls for continuous monitoring, real‑time credential revocation, and stricter vetting of third‑party vendors that process government data, reinforcing the need for a zero‑trust architecture across the federal supply chain.

Legal repercussions were swift and severe. Sohaib was found guilty of conspiracy, password trafficking, and illegal firearm possession, while Muneeb entered a guilty plea but continues to file pro se motions, a strategy that rarely succeeds in federal courts. Their convictions serve as a cautionary tale for both employers and regulators, emphasizing that robust termination protocols and proactive insider‑threat programs are essential to safeguard national‑level information assets.