Three Google Engineers Charged with Stealing Secrets for Iran

$250,000 in fines and 20 years in prison. That's what three Silicon Valley engineers now face after allegedly turning their insider access into an international espionage operation.

Samaneh Ghandali, 41, her sister Soroor, 32, and Samaneh's husband Mohammadjavad Khosravi, 40, were arrested Thursday on charges of stealing trade secrets from Google and other tech giants—then shipping them straight to Iran.

The Snapdragon Heist

This wasn't your typical corporate data breach. The trio allegedly targeted the crown jewels of mobile computing: Snapdragon system-on-chip designs, processor security protocols, and cryptography files. These are the brains inside most high-end Android phones—technology worth billions and closely guarded by companies like Qualcomm.

The setup was methodical. Samaneh and Soroor worked at Google before moving to a third company. Khosravi, a former Iranian army officer who became a U.S. permanent resident, worked at what prosecutors describe as "Company 2"—widely believed to be Qualcomm, the maker of Snapdragon chips.

Each defendant exploited their privileged access to systematically collect hundreds of confidential files from their respective positions.

Digital Breadcrumbs and Fatal Mistakes

Their method seemed sophisticated at first. The defendants routed stolen files through third-party platforms like Telegram, creating channels named after each of their first names. They copied materials to personal devices, each other's work computers, and ultimately to contacts in Iran.

Google's security systems caught them in August 2023 when Samaneh's activity triggered internal alerts. The company immediately revoked her access and she signed an affidavit denying any wrongdoing—a lie that would later become an obstruction charge.

Then came the panic moves that sealed their fate. The couple used personal laptops to search "how to delete communications" and research how long mobile carriers keep message records. Instead of covering their tracks, they created a digital trail of consciousness of guilt.

Screenshots Before the Flight

The most brazen act occurred in December 2023, the night before Samaneh and Khosravi flew to Iran. She allegedly photographed 24 screenshots of her husband's work computer, capturing Snapdragon SoC trade secrets in what appeared to be a last-minute intelligence grab.

While in Iran, devices linked to both defendants accessed these photos and additional proprietary Snapdragon hardware architecture information. It was as if they were conducting a real-time technology transfer operation from Iranian soil.

The Trust Deficit

Google detected the breach through "routine security monitoring" and immediately alerted law enforcement—a reminder that even tech giants with sophisticated security can be vulnerable to insider threats.

The company has since enhanced safeguards including restricted access to sensitive information, mandatory two-factor authentication, and comprehensive logging of file transfers to third-party platforms.

But the incident raises uncomfortable questions about the global tech industry's reliance on international talent. All three defendants were Iranian nationals who gained legitimate access to America's most sensitive technologies through student visas, citizenship, and employment at leading firms.

Economic Warfare in Silicon Valley

Prosecutors emphasized that Snapdragon SoC trade secrets have "independent economic value" because they're not publicly known and can't be easily obtained from competitors. In other words, this information could give Iran—or any nation—a significant advantage in the global semiconductor race.

The timing is particularly sensitive. As the U.S. restricts technology exports to Iran and other adversaries, cases like this highlight how traditional trade controls mean little when the technology can walk out the door in an employee's pocket.