Three Engineers Accused of Stealing Chip Security Trade Secrets from Google and Other Companies

Odaily According to reports, federal prosecutors have arrested three Silicon Valley engineers accused of stealing sensitive chip security trade secrets from companies including Google and transferring them to unauthorized locations, including Iran. A federal grand jury in the U.S. District Court for the Northern District of California has indicted Samaneh Ghandali, Soroor Ghandali, and Mohammadjavad Khosravi.

According to a statement from the U.S. Department of Justice (DOJ), during her tenure at Google, Samaneh Ghandali allegedly transferred hundreds of files, including Google's trade secrets, to a third-party communication platform. The stolen materials involved trade secrets related to processor security and cryptography. The defendants are accused of attempting to cover up their actions by deleting files, destroying electronic records, and submitting false affidavits to the victim companies.

The indictment describes that on the night before traveling to Iran in December 2023, Samaneh Ghandali took pictures of approximately twenty trade secret information screens displayed on a work computer at another company. While in Iran, a device associated with her accessed these photos, and Khosravi accessed other trade secret materials. Google's internal security system detected suspicious activity in August 2023 and revoked Samaneh Ghandali's access.

All three defendants are charged with conspiracy and theft of trade secrets, as well as obstruction of justice. The statutory maximum penalty for obstruction of justice is 20 years in prison.

Vincent Liu, Chief Investment Officer of Kronos Research, stated that employees with legitimate access can quietly extract highly sensitive intellectual property over time, even under existing controls. The risk for semiconductor and cryptography companies often comes from "trusted insiders, not hackers."

Dan Dadybayo, Head of Strategy at Horizontal Systems, said that the "perimeter" collapses when engineers can move architecture, key management logic, or hardware security designs out of controlled environments.

Dyma Budorin, Executive Chairman of Hacken, stated that certification frameworks like SOC 2 and ISO typically measure compliance maturity, not the actual resilience against specific attackers, especially insiders. These certifications prove that controls existed at the time of the audit but do not prove that sensitive data cannot be stolen.