Note to employers: When you discover your twin brother employees are ex-cons who did time for hacking into the US State Department, and go to fire them, make sure you fully disable their access.
February 2025, twin brothers Muneeb and Sohaib Akhter turned a routine job termination into one of the most brazen insider sabotage incidents in recent U.S. government history. Just minutes after being fired from Opexus – a Washington, D.C.-area contractor that provides critical case-management software to more than 45 federal agencies – the brothers allegedly launched a rapid digital assault that deleted approximately 96 government databases containing sensitive FOIA records, investigative files, and taxpayer data.
What made the case especially shocking was the brothers’ prior history: both had served prison time for hacking federal systems a decade earlier.
A Decade-Old Criminal Record
The Akhter brothers, both 34 and from Alexandria, Virginia, had a criminal past that Opexus completely missed – which, given what they do, is not great. In 2015, while working as contractors, they pleaded guilty to conspiracy to commit wire fraud, conspiracy to access protected computers without authorization, and related charges. Their crimes involved hacking into U.S. State Department systems and a private company, stealing personal data on coworkers, acquaintances, and even a federal investigator.
Muneeb received a 39-month prison sentence; Sohaib received 24 months. Both served their time and were released.
And yet…
By 2023-2024, the brothers had landed engineering roles at Opexus (formerly known as AINS), a firm specializing in FedRAMP-certified case-management platforms. Its flagship products – FOIAXpress and the eCASE suite – help agencies process Freedom of Information Act requests, audits, investigations, EEO complaints, and congressional correspondence. Opexus systems host sensitive government data on servers in Ashburn, Virginia.
The company conducted standard background checks covering roughly seven years – which missed the 2015 convictions. Opexus later admitted that “additional diligence should have been applied” and that the individuals responsible for hiring the twins are no longer with the company.
Unbeknownst to Opexus at the time of termination, the brothers had been abusing their access for weeks. Muneeb had collected approximately 5,400 usernames and passwords from the company’s network and built custom scripts to test them against external sites (including Marriott and DocuSign). He successfully logged into accounts and, in some cases, used victims’ airline miles.
On February 1, 2025 – more than two weeks before their firing – Muneeb asked Sohaib for the plaintext password of an individual who had filed a complaint through the EEOC Public Portal. Sohaib ran a database query and provided it; Muneeb then used the credentials to access the complainant’s email without authorization. This incident later became central to Sohaib’s password-trafficking charge.
Hellbound and Down 