A server belonging to the House Democratic Caucus went missing in early 2017 after it had been identified by the inspector general as a key piece of evidence in a hacking probe.
The Office of Inspector General had found months earlier that a group of House IT workers had logged in to the server 5,735 times during the surveyed period between October 2015 and April 2016.
The IT workers, most of whom were members of the Awan family, were working at that time for dozens of House Democrats, earning an estimated $7 million since 2004.
Imran Awan was first hired by House Democrats in 2004, after which two of his brothers, his wife, and his sister-in-law were added to the congressional payroll despite having little to no IT experience.
In a behind-closed-door briefing to the House leadership in September 2016, the inspector general said their activity was suspicious in part because the IT workers had taken steps to conceal their identities.
“Excessive logons are an indication that the server is being used for nefarious purposes and elevated the risk that individuals could be reading and/or removing information,” reads a presentation by the inspector general that was not released to the public.
The inspector general also warned of the risk that the server could be used as a repository to store documents “taken from other offices or evidence of other illicit activity.”
The investigation had uncovered Dropbox accounts installed on at least two Democratic Caucus computers used by the IT workers, against House IT policy.
The two accounts associated with the Dropbox accounts on the computers each contained thousands of files.
“We have not been permitted to view content of the files on these workstations. However, based on the file names, some of the information is likely sensitive,” the presentation says.
The inspector general also warned House leadership that the accounts could have been used to exfiltrate information.
Server Goes Missing
Following a second briefing in late September 2016, in which the House inspector warned the House leadership of “continuing unauthorized access,” the investigation was moved to the Capitol Police in October.It was not until months later, on Feb. 2, 2017, that the House sergeant at arms banned the IT workers from the House network.
The Democratic Caucus server, which had been identified by the inspector general as ground zero of the suspicious activity, had disappeared at that time.
The server had disappeared just weeks before Rep. Xavier Becerra (D-Calif.), who was the chairman of the House Democratic Caucus, left his position to become California’s attorney general.
Sensitive Information on Server
According to the inspector general, the Awans made numerous unauthorized log ins to systems of House members. Besides the members they worked for, they also accessed servers of 15 House representatives they didn’t work for.Information stored on the servers is considered extremely sensitive in nature and contains representatives’ personal data, calendars, emails, and information provided by constituents, such as personal and medical problems as well as their contact information and, in some cases, Social Security numbers.
There are concerns that the data was exfiltrated from Congress using the Dropbox accounts after it had been stored on the Democratic Caucus server.
The Pakistan Connection
The data may have been exfiltrated from Congress to Pakistan and other countries. Awan’s father allegedly transferred a USB drive to a Pakistani senator and former head of a Pakistani intelligence agency, the Daily Caller News Foundation reported in April this year, based on interviews with an ex-business partner of the father.“After Imran’s father deliver [sic] USB to Rehman Malik, four Pakistani [government intelligence] agents were with his father 24-hour on duty to protect him,” Rashid Minhas said.
He also said that Awan allegedly had bragged that he had the power to “change the U.S. president.”
Ongoing Investigation
Awan and his wife, Hina Alvi Awan, were charged in July 2017 on bank fraud charges.So far there have been no charges yet related to the alleged hacking and exfiltrating of data uncovered by the House Office of Inspector General and subsequent Capitol Police investigation.
President Donald Trump on June 7 called on the Justice Department not to let Awan and his former employer Debbie Wasserman Schultz (D-Fla.) off the hook.
Wasserman Schultz was among the first to employ Awan in 2005.
Part of the federal court case involving the bank fraud charges involves a laptop Awan left in a decommissioned phone booth in a House building on April 6. The laptop bore a username with Wasserman Schultz’s initials, “RepDWS,” and was accompanied by several copies of ID cards belonging to Awan as well as a letter to prosecutors.
Awan’s lawyer, Chris Gowen, has argued that the laptop should not be used in the court case, citing attorney-client privilege.
Wasserman Schultz tried for months to have the laptop returned to her and hired an outside lawyer to block prosecutors from looking at it.
Earlier this week, a hearing in the court case was delayed for a seventh time until July 3. Court documents indicate that Awan’s lawyer has been considering a plea deal.
“The parties are currently exploring a possible resolution of this matter,” prosecutors wrote in court documents last month.
Friends Read Free