U.S. prosecutors have officially linked the arrest of an active-duty U.S. Army soldier in December to the mass theft of U.S. phone records from AT&T and Verizon last year.
Authorities on Dec. 20 arrested U.S. Army communications specialist Cameron John Wagenius following a brief two-page grand jury indictment charging the U.S. service member with two counts of illegally transferring confidential phone records. He was arrested in Texas. Wagenius was later extradited to Washington state.
In a new court filing Friday, U.S. prosecutors said the charges against Wagenius are accusing the U.S. government of multiple intrusions into cloud computing company Snowflake, which witnessed a slew of attacks. It has been confirmed that the charges are related to previous indictments of two suspected hackers, Connor Muka and John Binns. -Theft of data stored in customer accounts. Snowflake customers whose data was stolen include AT&T, where “nearly all” of customer call records dating back to 2024 were leaked from Snowflake accounts, and Verizon, where a significant cache of customer call records was leaked.
U.S. Attorney Tessa Gorman said in a Seattle courtroom that “both cases stem from the same computer intrusion and extortion and involve some of the same stolen victim information.” “There is no doubt that this relies on overlapping documentary evidence and legal processes.” General questions about law and fact. ”
This is the first time prosecutors have publicly acknowledged that Wagenius' charges are related to last year's data breach at cloud computing company Snowflake. Security journalist Brian Krebs first reported the link between Wagenius and the Snowflake hack in November, and then broke the news of Wagenius' arrest.
The Snowflake account hack was one of the most widespread cyberattacks of last year, affecting AT&T, LendingTree, Santander Bank, Ticketmaster, and at least 160 other companies. Hackers allegedly stole vast banks of personally identifiable and sensitive corporate data that companies had stored on Snowflake, including by using passwords stolen from employee computers with malware. Most affected Snowflake customers were not using multi-factor protection, and Snowflake did not require multi-factor protection from its customers at the time.
Krebs reported that after Mouka's earlier arrest by Canadian authorities, Wagenius accessed call records between Vice President Kamala Harris and then-President-elect Donald Trump in posts on known cybercrime forums. He claimed that he could, and threatened him as follows. All stolen files will be leaked unless Moucka is released.
Prosecutors say the Snowflake hackers stole data including personal information, mobile phone numbers and IMEI numbers, dates of birth, zip codes and email addresses, passwords, Social Security numbers, government-issued ID numbers, and even payment card and bank account numbers. accused of stealing.
Wagenius was ordered into custody on January 8 and is believed to be in custody in Washington state.