- Today
- Holidays
- Birthdays
- Reminders
- Cities
- Atlanta
- Austin
- Baltimore
- Berwyn
- Beverly Hills
- Birmingham
- Boston
- Brooklyn
- Buffalo
- Charlotte
- Chicago
- Cincinnati
- Cleveland
- Columbus
- Dallas
- Denver
- Detroit
- Fort Worth
- Houston
- Indianapolis
- Knoxville
- Las Vegas
- Los Angeles
- Louisville
- Madison
- Memphis
- Miami
- Milwaukee
- Minneapolis
- Nashville
- New Orleans
- New York
- Omaha
- Orlando
- Philadelphia
- Phoenix
- Pittsburgh
- Portland
- Raleigh
- Richmond
- Rutherford
- Sacramento
- Salt Lake City
- San Antonio
- San Diego
- San Francisco
- San Jose
- Seattle
- Tampa
- Tucson
- Washington
Silicon Valley Engineers Charged With Theft of Google, Tech Trade Secrets
Trio accused of stealing sensitive chip security files and routing them to unauthorized locations, including Iran
Published on Feb. 28, 2026
Got story updates? Submit your updates here. ›
Federal prosecutors have arrested three Silicon Valley engineers accused of stealing sensitive chip security trade secrets from Google and two other companies, and routing them to unauthorized locations, including Iran, raising national security concerns. The trio allegedly used their employment at Google and two other unnamed companies to access confidential files tied to mobile computer processors, including trade secrets related to processor security and cryptography.
Why it matters
This case highlights the growing threat of insider threats and the risks posed by employees with legitimate access to sensitive intellectual property. The theft of advanced semiconductor and cryptographic technology can have significant national security implications, especially if the information falls into the wrong hands, such as Iran. It also exposes gaps between formal compliance and real-world resilience, as current security frameworks may not be enough to prevent determined attackers from stealing critical data.
The details
According to the indictment, Samaneh Ghandali, while employed at Google, allegedly transferred hundreds of files, including Google trade secrets, to a third-party communications platform. The trio also allegedly used their access at the other two companies to steal additional trade secret material related to processor security and cryptography. Prosecutors allege that the defendants sought to conceal their actions by deleting files, destroying electronic records, and submitting false affidavits to victim companies denying that they had shared confidential information outside the company. In one episode, Samaneh Ghandali allegedly photographed roughly two dozen images of another company's work computer screen displaying trade secret information while in Iran, and a device associated with her allegedly accessed those photographs.
- In August 2023, Google's internal security systems detected suspicious activity and revoked Samaneh Ghandali's access.
- In December 2023, the night before traveling to Iran, Samaneh Ghandali allegedly photographed roughly two dozen images of another company's work computer screen displaying trade secret information.
The players
Samaneh Ghandali
One of the three Silicon Valley engineers accused of stealing sensitive chip security trade secrets from Google and two other companies.
Soroor Ghandali
One of the three Silicon Valley engineers accused of stealing sensitive chip security trade secrets from Google and two other companies.
Mohammadjavad Khosravi
One of the three Silicon Valley engineers accused of stealing sensitive chip security trade secrets from Google and two other companies.
An American multinational technology company that provides internet-related services and products, including the search engine Google Search.
What they’re saying
“Employees with legitimate access can quietly extract highly sensitive IP over time, even with existing controls in place.”
— Vincent Liu, Chief Investment Officer, Kronos Research (Decrypt)
“Firewalls don't matter when the exfiltration vector is legitimate access. When engineers can move 'architecture, key management logic or hardware security design out of controlled environments, the 'perimeter' collapses.”
— Dan Dadybayo, Strategy Lead, Horizontal Systems (Decrypt)
“In most technology organizations, information-theft risks are assumed to be mitigated by obtaining SOC 2 and ISO certifications. Such frameworks often measure compliance maturity, not actual resilience against a determined attacker—especially an insider.”
— Dyma Budorin, Executive Chairman, Hacken (Decrypt)
What’s next
The judge in the case will decide on Tuesday whether or not to allow the three defendants out on bail.
The takeaway
This case highlights the growing threat of insider threats and the need for technology companies to go beyond compliance frameworks and implement more robust security measures, including continuous monitoring, behavioral analysis, and adversarial testing, to protect their critical intellectual property and mitigate national security risks.
San Jose top stories
San Jose events
Feb. 28, 2026
San Jose Sharks vs. Edmonton Oilers
Feb. 28, 2026
San Jose Earthquakes vs. Atlanta United FC
Feb. 28, 2026
San Jose Barracuda vs. Tucson Roadrunners