Google engineers indicted over alleged SoC and cryptography files sent to Iran
Senior engineers accused of moving chip security files abroad
Federal prosecutors say three engineers who worked at leading Silicon Valley firms removed sensitive engineering materials tied to mobile processor platforms and cryptographic protections, then moved those files outside corporate networks. Authorities arrested the suspects in San Jose and charged them with conspiracy, theft of proprietary information, and obstructing an investigation.
Investigators allege the defendants used a third-party communications channel to funnel documents to accounts labeled with first names, then copied the material onto personal and colleagues' devices before transferring it to Iran. Company internal defenses reportedly flagged unusual activity in mid-2023; one employee subsequently lost access to corporate resources as the probe escalated.
Prosecutors describe targeted collection that included technical blueprints and data on processor security and hardware architecture for smartphone system-on-chip products. The indictment emphasizes the alleged economic value of those technical designs because they are not publicly available and could confer a competitive advantage if disclosed.
As part of the alleged concealment, the pair reportedly photographed dozens of screens displaying proprietary details and consulted online guides about deleting communications and data retention. Travel by two defendants to Iran in late 2023 coincided with remote access events that prosecutors tie to retrieval of the captured images and files.
Law enforcement has framed the case as a combination of insider exploitation and deliberate operational security to avoid detection, including use of personal devices and third-party messaging platforms. The FBI and the U.S. attorney’s office are handling the prosecution; the firms involved have restricted access and reviewed audit records during internal inquiries.
Corporate responses included immediate notification to authorities, tightened account controls and two-factor requirements, and expanded logging of transfers to external services. Companies also stressed routine monitoring played a role in identifying anomalous behavior that triggered escalation to federal agents.
The indictment lists potential criminal exposure: multi-year prison sentences per count and significant statutory fines, raising the stakes for employees who handle high-value intellectual property. Beyond individual consequences, the case highlights supply-chain and talent-risk questions for chip designers and cloud-platform employers.
- Alleged items taken: hardware architecture, processor security details, cryptographic materials
- Modes of exfiltration: screen photos, personal device copies, third-party messaging transfer
- Timeline markers: internal access revoked mid-2023; overseas travel in December 2023
Read Our Expert Analysis
Create an account or login for free to unlock our expert analysis and key takeaways for this development.
By continuing, you agree to receive marketing communications and our weekly newsletter. You can opt-out at any time.
Recommended for you
France Charges Four Over Alleged China-Linked Effort to Gather Starlink Intelligence
French prosecutors have charged four individuals in an espionage probe that investigators say sought technical and locational data tied to Starlink satellite terminals and sensitive sites. The case underscores growing tensions around dual-use space communications and the security posture of Western military infrastructure against foreign intelligence operations.
Intel and Google uncover critical flaws in TDX after joint security review
A joint security review by Google and Intel found multiple vulnerabilities and dozens of bugs in Intel's Trust Domain Extensions (TDX), including a flaw enabling full compromise of a protected virtual machine during migration. Intel has issued patches and published an advisory after an extensive technical report and five months of collaborative analysis.
