Recently unsealed documents indicate that a Chicago residence was searched in connection with the breach in October 2014.
Europol recently announced 49 arrests in connection with the fraud campaign.
The malware currently targets Oracle MICROS and other point-of-sale systems.
Approximately 4 million current and former federal employees may be affected.
The leaked data included names, birthdates, identification numbers and addresses.
A seven character password with special characters can be hacked in less than three minutes.
The company says malware was 'effectively deployed' on some of its point of sale systems between March 6 and April 17, 2015.
The leaked data includes user name, birthdates, email address, gender, location, relationship status and sexual orientation.
The bank says its domain name servers were hijacked last month.
'Over last 5 years my only interest has been to improve aircraft security,' Chris Roberts tweeted recently.
The company says it won't 'speculate on the scope of the intrusion,' since the investigation is ongoing.
Charles Eccleston allegedly designed and sent spear phishing emails targeting more than 80 computers at the U.S. Department of Energy.
If it doesn't have permission to overwrite the MBR, the malware destroys all files in the user's home folder.