Malaysian authorities have arrested a hacker from Kosovo who allegedly provided the Islamic State of Iraq and Greater Syria with the private information of more than a thousand U.S. security officials, according to a statement released by the U.S. Department of Justice on Thursday night.

The suspect, 20-year-old Ardit Ferizi, was living in Kuala Lumpur, where he had been studying computer science and forensics since August 2014. Officials believe that he led a Kosovar hacking group called Kosovar Hackers Security (KHS), which knew him by the moniker Th3Dir3ctorY.

Between June and August, the Department of Justice said, Ferizi gave Junaid Hussein, a prominent ISIS leader in Syria originally from the U.K., an unspecified volume of personal data he obtained by hacking a U.S. government server based in Phoenix. On Aug. 11, Hussein — who died in an air strike in the city of Raqqah later that month, according to an affidavit — publicly shared a definitive 30-page document that listed the names, e-mail addresses and passwords, locations, and phone numbers of 1,351 U.S. military and government personnel.

The document’s target audience was allegedly ISIS supporters in the U.S. who could use its information to locate and attack the individuals listed.

“We are in your emails and computer systems, watching and recording your every move,” the document began. “We have your names and addresses, we are in your emails and social media accounts, we are extracting confidential data and passing on your personal information to the soldiers of the khilafah, who soon with the permission of Allah will strike at your necks in your own lands!”

The case, U.S. Assistant Attorney General John Carlin said, is “a first of its kind.” Malaysian police told Reuters that they would extradite Ferizi to the U.S., where he faces up to 35 years in prison if convicted.

Get The Brief. Sign up to receive the top stories you need to know right now. Please enter a valid email address. Sign Up Now Check the box if you do not wish to receive promotional offers via email from TIME. You can unsubscribe at any time. By signing up you are agreeing to our Terms of Use and Privacy Policy . This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. Thank you! For your security, we've sent a confirmation email to the address you entered. Click the link to confirm your subscription and begin receiving our newsletters. If you don't get the confirmation within 10 minutes, please check your spam folder.

Contact us at letters@time.com.