Gorbachov and Sluchevsky have been accused of violating the Computer Fraud and Abuse act by accessing data without permission, as well as breach of contract and fraud for misleading Facebook into believing they were above-board. The two reportedly used fake names, and were caught in October 2018 after Facebook conducted a deeper look into browser extensions.

The browser plugins had some success with about 63,000 infections between 2017 and 2018, and also caused some damage to Facebook's bottom line. The company estimated that it spent over $75,000 looking into the intrusion. While the lawsuit doesn't call for specific damages, it wouldn't be shocking for Facebook to try and recoup its expenses.

Lawsuits like this could discourage others from trying similar moves, although this particular case may have a limited effect when Facebook can't compel Gorbachov or Sluchevsky to come to the US. More importantly, it may polish Facebook's image. The firm has been at the heart of multiple privacy scandals in recent months, and lawsuits like this could show that it's taking a more aggressive approach toward data thieves -- even if more substantial privacy reforms could take much longer.