The US Justice Department has indicted a Pakistani man named Muhammad Fahd for paying around $1 million in bribes to AT&T employees at a call center in Bothell, Washington to unlock phones and infect the telecommunications giant’s network with malware. The insiders fraudulently unlocked more than 2 million devices between 2012 and 2017.

Employees that were in on the scheme also planted malware on AT&T’s network that enabled Fahd to unlock phones remotely. According to the indictment, “Muhammad Fahd sent the insiders multiple versions of the unlocking malware to test and perfect the malware on behalf of the conspiracy.” When the malware was found to work as intended, “Fahd instructed the insiders to plant the unlocking malware on AT&T’s internal protected computers and to run the unlocking malware while they were at work.” Even though AT&T detected the malware in 2013 and identified various employees resonsible for the infection, Fahd’s scheme continued until 2017. This story serves as a reminder of the serious threat companies face from malicious insiders.

Read more: Pakistani Man Bribed AT&T Employees to Unlock Phones, Plant Malware