A Malaysian man was charged on Thursday for hacking into the computer network of a U.S. Federal Reserve bank and for stealing more than 400,000 stolen credit card and debit card numbers, according to federal authorities.

Lin Mun Poo, 32, is suspected of accessing financial records at a Federal Reserve Bank in Cleveland, Ohio, by “exploiting a vulnerability he found within their secure system,“ according to a statement by the U.S. Attorney’s Office of the Eastern District of New York. At least 10 Federal Reserve Bank computers were affected by the breach, resulting in thousands of dollars in damage, the statement said.

Poo was arrested on Oct. 21, hours after his arrival in the United States, when Secret Service agents observed him selling stolen credit card numbers for $1,000 at a Brooklyn diner, the statement said.

Authorities discovered a “massive quantity“ of stolen personal financial data following a forensic examination of Poo’s “heavily encrypted“ laptop computer, the U.S. attorney’s office statement said.

Poo had obtained the numbers by hacking into numerous systems, including FedComp, a data processor for federal credit unions, the statement said.

“As today’s technology continues to evolve, cybercriminals use these advances and enhancements to perpetrate an expanding range of crimes,“ Secret Service Special Agent Brian Parr said in the statement.

The four counts against Poo include access device fraud and aggravated identity theft.

If convicted, he could a maximum sentence of 10 years in prison.

Poo’s attorney, Kannan Sundaram, could not immediately be reached for comment.