The suspect, 29-year-old Joshua Adam Schulte, is a former Central Intelligence Agency software engineer who was charged with possessing child pornography last August.
Federal authorities searched Schulte's apartment in NY past year and obtained personal computer equipment, notebooks and handwritten notes, according to a copy of the search warrant reviewed by The Washington Post.
The child pornography charges, according to the NYT, stem from material investigators found on a server Schulte created as a business in 2009 while he was a student at the University of Texas.
It is unclear why he has not been charged or cleared in connection with the theft and subsequent leak.More news: STDs reach all-time high in California
Whoever leaked the information apparently sent it to WikiLeaks, where it was published under the name "Vault 7".
"This is CIA's Edward Snowden", former CIA acting director Michael Morrell told CBS News Justice correspondent Jeff Pegues previous year, referring to the former National Security Agency contractor who leaked millions of documents in 2013.
Schulte worked in the CIA's Engineering Development Group, which produced the computer code, according to people with knowledge of his employment history as well as the group's role in developing cyberweapons. He states that he "developed a multitude of Quick Reactions Capabilities (QRCs) in C/C++ for both Windows and Linux systems to support clandestine operations". He maintained the agency targeted him because he was the only member of his team to leave the agency after reporting "incompetent management" to the CIA's inspector general. It was then a series of unlucky coincidences, he said, that led the government to focus in on him as a suspect in the leak investigation.
But the prosecutor, Matthew Laroche, an assistant US attorney in the Southern District of NY, said that the government has not brought an indictment, that the investigation "is ongoing" and that Schulte "remains a target of that investigation", according to a court transcript of the January 8 hearing that escaped public notice at the time. The disclosure constituted one of the largest breaches of classified. They conducted a number of search warrants on the defendant's residence. No charges have been filed against Schulte in that investigation, and his defense lawyers have insisted he was not involved. "In fact, our investigation is ongoing", Laroche said.More news: Mile Jedinak one game from Premier League return with Aston Villa
Here's where things get tricky: the government says it does not have enough evidence to charge Schulte with the leak.
Schulte's defense attorney said in court that the government's reasoning used to obtain search warrants for Schulte's property were "just flat inaccurate and not true". It is not clear whether the government is pursuing contractors as part of the leak investigation, but prosecutors have not mentioned anyone other than Schulte in court proceedings. What's on the public record now is that Schulte uses Tor, anonymity software used by millions of people, and that he planned to leave the country previous year - a trip he says was for a family vacation to Cancun.
On Friday, Manhattan federal prosecutor Matthew Laroche estimated in court that charges against Schulte are 45 days away.More news: Steven Gerrard 'delighted' to make first Rangers signing