Share and Follow
Two sisters from Iran are facing allegations of espionage, accused of infiltrating American technology giants to purloin sensitive information on behalf of the Iranian government.
Samaneh Ghandali, aged 41, alongside her sister Soroor Ghandali, 32, and an associate, Mohammadjavad Khosravi, 40, have been indicted by a federal grand jury. The charges revolve around the theft of critical trade secrets from major tech companies, including Google, which were reportedly passed on to Iran.
Residing in San Jose, the trio found themselves in custody in mid-February, swiftly brought before a federal court, as revealed by prosecutors.
The alleged espionage took place under the radar within some of the world’s leading technology firms. Trusted with privileged access to advanced systems, the defendants allegedly misused their positions, according to investigators.
FBI officials have characterized this case as a daring insider operation, underscoring the breach against the backdrop of some of the most influential tech companies globally.
FBI Special Agent in Charge Sanjay Virmani accused the group of a ‘calculated betrayal of trust’ by ‘stealing trade secrets from the very tech companies that employed them.’
‘According to the allegations, the method in which confidential data was transferred by the defendants involved deliberate steps to evade detection and conceal their identities,’ he added.
They have been charged with conspiracy to commit trade secret theft, theft and attempted theft of trade secrets and obstruction of justice. All three defendants have pleaded not guilty.
Soroor Ghandali, 32, is accused along with her sister and brother-in-law of stealing tech secrets from Silicon Valley companies
Samaneh Ghandali, 41, is also accused of stealing tech secrets from Google and other big tech firmsÂ
If convicted, they could face up to 10 years in prison for each trade secret count and as much as 20 years for obstruction.
Google did not respond to our request for comment.
At the center of the case is a trove of highly valuable intellectual property – including sensitive data linked to processor security, cryptography and advanced mobile chip technology.
Prosecutors said hundreds of confidential files were taken, representing the kind of cutting-edge innovation that underpins everything from smartphones to national security systems.
Samaneh and Soroor Ghandali both worked at Google before moving to another company identified only as ‘Company 3.’
Khosravi worked separately at a firm referred to as ‘Company 2,’ which develops system-on-chip platforms similar to the Snapdragon processors used in modern smartphones.
Together, authorities allege, they quietly siphoned off data using a range of covert methods.
Files were transferred to private communication channels, moved onto personal devices and relocated to unauthorized storage – including destinations overseas and in Iran.
To cover their tracks, prosecutors said, the defendants went to extraordinary lengths.
They allegedly submitted false statements denying wrongdoing, deleted digital evidence and even photographed computer screens manually to bypass company security systems designed to detect downloads.
The allegations alone have raised serious national security concerns.
The indictment identifies the defendants as Iranian nationals. Soroor Ghandali was in the US on a student visa. Samaneh Ghandali later became a US citizen, while her husband Khosravi obtained legal permanent residency.
Silicon Valley insider Samaneh Ghandali seen here delivering a prexentation on cyber security
Prosecutors say Khosravi previously served in the Iranian army, according to CNBC.
The family’s background has also drawn scrutiny. The Ghandali sisters are reportedly the daughters of Shahabeddin Ghandali, a former Iranian official who was arrested in 2016 over an alleged $2.5 billion embezzlement scandal tied to a state-linked investment fund and a major bank.
The case is unfolding against a backdrop of surging tensions between Washington and Tehran.
The arrests came just weeks before the US and Israel launched a massive military offensive against Iran on February 28 – a campaign that has since escalated into a wider regional conflict and triggered a global energy shock.
Now, officials warn that the alleged theft reflects a broader and more troubling pattern.
Lara Burns, a former FBI special agent and terrorism expert at George Washington University, said Iran has long relied on covert networks to bypass sanctions and gain access to restricted technology.
‘They’re constantly using their network to try to avoid sanctions,’ Burns told the Daily Mail.
‘They want US products. They want US technology. They want information. I think that these recent cases that we’ve seen are to be expected from this network.’
The case has intensified fears that foreign adversaries are increasingly turning to insiders, employees with legitimate access, to penetrate America’s most sensitive industries.
Unlike traditional cyberattacks, insider threats are notoriously difficult to detect, often unfolding over months or years before being uncovered.
And the stakes could hardly be higher. The technology at issue – advanced chips, cryptography and secure processing systems – sits at the core of modern computing and defense infrastructure.
The prosecution occurs against the backdrop of escalating tensions in the MIddle East, as US and Israeli missiles continue to pound Tehran
The alleged scheme also comes as cyber warfare ramps up alongside the conflict in the Middle East.
Iran-linked hacking groups have stepped up attacks on US companies and critical infrastructure, targeting everything from healthcare systems to industrial networks.
Security experts say these digital assaults are part of a broader strategy – one that combines military force with cyber operations and economic disruption.