AT&T employees have been accused of taking bribes in exchange for helping compromise the users of the company's network, according to court documents filed in March 2018 that were unsealed this week.

The Department of Justice has opened a case against two Pakistani men for offering AT&T employees over $1 million to install malware on the company’s wireless network and unlock the devices of more than 2 million cellphones. The men named in the suit are Muhammad Fahd, 34, and Ghulam Jiwani, who is thought to be dead. Their scheme ran from April 2012 to September 2017.

Fahd and Jiwani reached out to employees at the Mobility Customer Care center in Bothell, Washington. Employees that agreed to work with the men received their bribes in a number of ways: directly to their bank accounts, in cash or through shell companies.

Court documents revealed that three former AT&T employees pleaded guilty to being part of the scheme and are cooperating with the government.

Fahd was arrested in Hong Kong in February 2018 after costing the telecom giant an estimated $5 million a year. He was extradited to the U.S. on Friday and faces a 14-count indictment that could carry a 20-year sentence.

According to court documents, the specifics of the plan involved two phases. First, Fahd and Jiwani had keylogger malware installed that gathered information about the structure of the company’s internal systems. Then, a second malware program used this information along with employee credentials to gain access to customers’ devices, most of which were iPhones.

“We have been working closely with law enforcement since this scheme was uncovered to bring these criminals to justice and are pleased with these developments,” AT&T said in a statement.

AT&T
View of AT&T communications company building in Mexico City on Dec. 3, 2018. OMAR TORRES/AFP/Getty Images
RELATED STORIES
AT&T Malware Cybercrime