Opexus, a federal government contractor, has acknowledged failures in its background check and hiring processes after twins Muneeb and Sohaib Akhter were arrested for allegedly carrying out a massive insider attack on multiple U.S. federal agencies earlier this year.
The brothers, who previously pleaded guilty in 2015 to crimes including wire fraud and conspiring to hack the State Department, were hired by Opexus in 2023 and 2024 despite the company conducting seven-year background checks. The firm admitted that it missed key red flags in its vetting process.
“While these individuals passed background checks at the time, this incident made clear that our screening protocols needed to be even more robust,” a spokesperson for Opexus told CyberScoop.
Alleged Insider Attack Details
The Akhter twins were fired in February 2025, shortly before authorities say they executed the breach in retaliation. Prosecutors allege that Muneeb Akhter accessed company systems five minutes after termination, deleting approximately 96 databases containing sensitive U.S. government information, including records from the Department of Homeland Security (DHS), Internal Revenue Service (IRS), and the Equal Employment Opportunity Commission (EEOC).
Muneeb is also accused of stealing personally identifiable information for at least 450 individuals and deleting a Homeland Security production database, while Sohaib faces charges related to password trafficking and computer fraud conspiracy.
Company Response and Reforms
Opexus admitted it mishandled both the onboarding and termination process, leaving systems accessible to the twins after firing. The company has since enhanced its vetting and internal security procedures, including:
- Expanding background checks from seven to ten years
- Implementing additional safeguards in the hiring process
- Strengthening access control measures and internal HR training
- Supporting affected federal agencies in data restoration and review processes
“The individuals responsible for hiring the twins are no longer employed by Opexus, and we have since strengthened our screening protocols across the organization,” the spokesperson said.
Legal Consequences
Muneeb Akhter faces up to 45 years in prison for conspiracy, computer fraud, destruction of records, and aggravated identity theft. Sohaib could face up to six years for password trafficking and conspiracy to commit computer fraud.
The case has sparked renewed scrutiny of government contractor hiring practices and insider threat management, highlighting the critical importance of thorough background checks, especially when sensitive federal data is at stake.
