This week, Amazon CEO Jeff Bezos' top security staffer, Gavin de Becker, wrote about an alleged plot by the Saudi Arabian government to hack the billionaire's phone. He also suggested a connection between the hack and National Enquirer publisher American Media Inc., which published details of Bezos' affair with Lauren Sanchez and threatened to publish explicit texts the pair exchanged.
De Becker offered little proof, aside from circumstantial details. He also said the article was the last he'd talk about it.
AMI refuted any connection to the Saudis, saying they got information about Bezos from Sanchez's brother. "There was no involvement by any other third party whatsoever," the company said.
If the Saudis were involved, that claim would have significant national security implications -- it would mean that a foreign government somehow got access to the phone of a major American business mogul. Given the seriousness of the charges, security experts are curious to see more concrete proof.
De Becker speculated the Saudis sought to expose Bezos' affair as retaliation, after the Bezos-owned Washington Post published reports criticizing the Saudi government's apparent involvement in the killing of Post columnist Jamal Khashoggi.
De Becker's piece describes a great deal of drama surrounding AMI, including missteps made by the company in the past, the wording of emails from AMI that he says are suspicious and some contacts between the Saudis and AMI. He stops short of alleging that AMI got the information from the Saudis, but it's strongly implied.
De Becker also cited news articles detailing the surveillance capabilities of the Saudis, including the extensive surveillance they reportedly conducted on Khashoggi before he was killed.
All of this is circumstantial to his central claim: "Our investigators and several experts concluded with high confidence that the Saudis had access to Bezos' phone, and gained private information."
He also said the information confirming this allegation had been turned over to federal authorities, which is why he said he is no longer addressing the matter.
CNBC spoke with three cybersecurity experts who have experience working on issues involving Saudi Arabia, who asked to remain anonymous because they did not have their employers' permission to speak to media. While the claims are in the realm of possibility, they said, they're also stunning allegations that need more concrete information to back them up.
Here's what we don't know.
Claims of hacking can often fall neatly into a wider narrative involving political intrigue, and the Bezos/AMI saga is chock full of it.
But separating these narrative details from the actual nuts-and-bolts of what Bezos' team is alleging about the Saudis is going to take a lot more digging.