What happened
Two former US government contractors were accused of deleting 96 government databases after their contracts ended. Prosecutors say the pair used old credentials to access systems and remove data tied to multiple federal agencies.
Who is affected
The incident impacts US government entities that relied on these databases for operational and administrative processes. The breach also highlights risk exposure for any organization that works with third-party contractors.
Why CISOs should care
The case shows how dangerous lingering access can be when offboarding processes fail. Even basic credential hygiene can prevent large-scale data loss. It also underscores the need for strict oversight of contractors who manage critical systems.
3 practical actions
-
Audit all contractor accounts and confirm immediate revocation once contracts end.
-
Enforce privileged access monitoring to flag login attempts from inactive or expired users.
-
Apply strict logging and automated alerts for bulk data deletion across critical databases.