A former employee of the United States National Security agency admitted Friday that he illegally stored classified documents from the agency that were subsequently stolen from his personal computer by Russian hackers.

Nghia Hoang Pho, a 67-year-old man residing in Maryland, pleaded guilty to one count of removal and retention of national defense information. Pho now awaits sentencing for his crime, which can carry up to 10 years in prison, though prosecutors agreed not to seek more than eight years.

Pho began work with the NSA in 2006, when he joined the agency’s Tailored Access Operations (TAO) group as a developer. TAO is considered to be the hacking arm of the NSA, leading cyber warfare and intelligence gathering efforts by developing and deploying highly sophisticated hacking tools.

Pho received a variety of security clearances during his time with the NSA and had access to national defense information and other classified documents. According to a plea agreement, he regularly worked on “highly classified, specialized projects.”

Beginning in 2010 and continuing through March 2015, Pho regularly removed and stored government documents that contained sensitive national defense information, including documents classified as Top Secret—the highest level of classified information that is defined by the government as information that “unauthorized disclosure of which reasonably could be expected to cause exceptionally grave damage to the national security.”

Pho held onto both physical, hard copies and digital copies of the documents, which were stored in his residence in Maryland.

The information stored by Pho was is believed to have been stolen by Russian hackers who identified the Top Secret government documents after it was identified by the Kaspersky Lab antivirus software installed on his personal computer. Kaspersky Lab, a Russia-based cybersecurity firm, has denied any role in working with the Russian government or other entities to identify or steal documents.

Pho is one of three NSA workers in the last two years to be charged with mishandling of classified information. Pho’s case is particularly egregious, as the employee was lifting sensitive documents from the agency for half a decade.

The crackdown on employees and contractors mishandling information comes as the NSA continues its search for the source of a major breach of the agency that resulted in the public release of its hacking tools.

The breach, carried out by an anonymous group of hackers identified as the Shadow Brokers, has caused fits for the agency. Tools developed by the NSA have been used to carry out massive cyber attacks, including the WannaCry ransomware attack that spread to more than one million computers earlier this year. Stolen NSA exploits have led to the shut down of hospitals, communications companies, public transportation and other essential infrastructure.

In addition to the arrest of Pho, NSA contractor Harold T. Martin III was arrested last year after the FBI discovered 50TB of data and documents taken from the NSA over a 20 year period. Reality Winner, a contract linguist who worked with the NSA, was arrested in June after providing an NSA file to the Intercept, which then published the document.