The U.K. Government Communications Headquarters—the British equivalent of the National Security Agency—created fake LinkedIn pages to hack into a major Belgian telecommunications company.

The hack was originally reported by Der Spiegel back in September, based on documents leaked by former intelligence contractor Edward Snowden. At the time, it was not known how the GCHQ pulled off the attack.

As it turns out, the hack was carried out using what is called a “man-in-the-middle attack.” In this case, we now know that means the GCHQ used fake LinkedIn pages to redirect employees to sites containing malware. By tricking company personnel into downloading the malicious software, the GCHQ appears to have been able to breach Belgacom cybersecurity.

This latest leak, published by Der Spiegel on Sunday, is the first reported instance of LinkedIn being exploited by a government spy agency. Unlike Facebook or Google, LinkedIn contains few personal details about its users. The incentive for targeting the professional network, then, is almost certainly economic.

What exactly the GCHQ did with the information it obtained from Belgacom is unclear. However, the agency’s willingness to obtain it stands as a clear example of surveillance that has moved beyond the realm of protecting national security.

Illustration by Jason Reed