imran_awan
© WashingtonPost
  • An internal House probe concluded that Pakistani IT aides Imran Awan along with four other individuals inappropriately accessed House servers and moved data
  • They impersonated at least 15 U.S. House members they did not work for and the Democratic Caucus, using their credentials to gain access to the system - a federal offense.
  • Data was migrated from several servers onto a single server, which disappeared while being monitored by police
  • The Awans engaged in a "pattern of login activity" which suggest steps were taken to conceal their activity
  • House Democrats in turn misrepresented the issue to their own members as solely a matter of theft
  • No criminal charges have been filed related to the data breaches or a number of other violations
In what must surely warrant a Special Counsel by now, an internal House investigation concluded that Pakistani IT aides Imran Awan and wife Hina Alvi, along with Imran's brothers Abid and Jamal and a friend, impersonated at least 15 U.S. House members for whom they did not work - using their credentials to log into Congressional servers, before migrating data to a single server, which was stolen during the investigation, all while covering their tracks - reports Luke Rosiak of the Daily Caller.

This, and much more is detailed in a presentation assembled the House's internal watchdog - the Office of the Inspector General, after a four-month internal probe.
The presentation, written by the House's Office of the Inspector General, reported under the bold heading "UNAUTHORIZED ACCESS" that "5 shared employee system administrators have collectively logged into 15 member offices and the Democratic Caucus although they were not employed by the offices they accessed." -DC
One systems administrator "logged into a member's office two months after he was terminated from that office," reads the investigative summary.
There are strong indications that many of the 44 members' data - including personal information of constituents seeking help - was entirely out of those members' possession, and instead was stored on the House Democratic Caucus server. The aggregation of multiple members' data would mean all that data was absconded with, because authorities said that entire server physically disappeared while it was being monitored by police. -DC
The OIG also concluded that the Awans' behavior appeared to be a "classic method for insiders to exfiltrate data from an organization," as well as indications that a House server was "being used for nefarious purposes and elevated the risk that individuals could be reading and/or removing information," and "could be used to store documents taken from other offices," the Caller reports.

A House committee staffer close to the probe told The Daily Caller that "the data was always out of [the members'] possession. It was a breach. They were using the House Democratic Caucus as their central service warehouse."

"All 5 of the shared employee system administrators collectively logged onto the Caucus system 5,735 times, an average of 27 times per day... This is considered unusual since computers in other offices managed by these shared employees were accessed in total less than 60 times," the presentation reads.

The internal document also shoots down any notion that the access was for some legitimate purpose - indicating "This pattern of login activity suggests steps are being taken to conceal their activity."
A second presentation shows that shortly before the election, their alleged behavior got even worse. "During September 2016, shared employee continued to use Democratic Caucus computers in anomalous ways:
  • Logged onto laptop as system administrator
  • Changed identity and logged onto Democratic Caucus server using 17 other user account credentials
  • Some credentials belonged to Members
  • The shared employee did not work for 9 of the 17 offices to which these user accounts belonged."