Three men from Information Technology Company, a Chinese internet security firm, have been indicted for hacking into three multinational corporations: Siemens AG, Moody’s Analytics, and Trimble, a GPS technology company. Two of the three accused are founders of the security firm.

Using spear phishing e-mail tactics and customized malware tools, the alleged hackers were able to gain and maintain unauthorized access to the targeted companies’ networks, according to Ars Technica. “The alleged hackers used their access to carry out a series of brazen data thefts,” writes Dan Goodin.

The indictment spotlights events that took place between 2011 and 2016:

Around 2011, a forwarding rule was placed on a Moody’s e-mail server, which caused messages sent to an influential company economist to go to a fake account created by the attackers.

In 2014, the hackers reportedly stole Siemens’ employee user names and passwords and 407GB of data relating to its energy, technology, and transportation businesses.

In 2015 and 2016, Trimble’s network was breached, leading to the theft of sensitive data relating to the development of a global navigation satellite systems technology.

Read the full story at Ars Technica.