A former government employee who purportedly worked to steal data on upwards to 250,000 federal employees and 150,000 internal investigations was formally indicted last week.

According to the Department of Justice on Friday, Charles K. Edwards and Murali Yamazula Venkata were indicted in Washington on 16 counts – including conspiracy to commit theft of government property and to defraud the United States, theft of government property, wire fraud, and aggravated identity theft.

Edwards served as the acting inspector general at Department of Homeland Security from 2011 to 2013. Per the DOJ, Edwards left the DHS-OIG in 2013 but continued to use Venkata, a former subordinate there, and other employees, from October 2014 to April 2017, as a means to steal software and databases.

The collective worked together to abscond sensitive government databases containing confidential and proprietary software belonging to Edwards' employer along with personally identifiable information on DHS and United States Postal Service employees. According to the indictment, the long-term goal of the data theft involved replicating a version of the software used by the OIG and then having Edwards’ private company, Delta Business Solutions, sell that data to the OIG of the U.S. Department of Agriculture.

It's unclear exactly how the data theft was facilitated. Given Edwards appears to have had a line into the DHS Office of Inspector General, this sounds like an insider threat scenario.

According to the DOJ, in order to perform upkeep on the databases, Venkata in particular had his laptop reconfigured so he could upload software and databases to Edwards, provide troubleshooting support, and helped him "build a testing server at his residence with the stolen software and databases, which contained PII."

If you’ve been paying attention, the news of the data theft isn’t exactly new; the indictment has been in the work for some time.

Back in January 2018, the DHS posted a notification to its website disclosing an incident relating to the Office of Inspector General's Case Management System, acknowledging that anyone involved with a DHS OIG investigation from 2002 to 2017 or employees at DHS in 2014 may be implicated. The DHS asserted that the incident wasn't the result of an attack performed by an external actor but the work of a "former DHS OIG employee."

In that disclosure, DHS said that DHS OIG discovered in May 2017 that an unauthorized copy of its investigative case management system was the possession of a former DHS OIG employee.

Details of the indictment coincide with news from last April involving a federal technology manager that helped a "former acting inspector general of U.S. DHS" to steal the OIG’s Enforcement Database System, "valued at more than $3.1 million."

Sonal Patel, a branch chief in the information technology division of the OIG, plead guilty to conspiracy to commit theft of government property for her role in the scheme.

While Patel wasn't named in last week's indictment, she did – according to a 2016 plea filing - hand off two DVDs with copied data to a co-conspirator before said co-conspirator hopped a plane to meet with software developers in India. The fact that Edwards used software developers in India to develop an alternative to DHS-OIG's software is reflected in the indictment.

DHS vehicles image via Tony Webster's Flickr photostream, Creative Commons