US prosecutors have formally linked the arrest of a US Army soldier in December to a massive theft of US phone data by AT&T and Verizon last year.
Authorities arrested Cameron John Wagenius, a US Army communications specialist, in Texas on December 20 after a brief two-page grand jury indictment charged the US serviceman with two counts of illegally transferring confidential telephone records. Wagenius was later extradited to Washington state.
In a new court filing Friday, U.S. prosecutors confirmed that the charges against Wagenius are related to the earlier indictment of two alleged hackers, Connor Moucka and John Binns, who the U.S. government accuses of multiple intrusions into cloud computing company Snowflake. that saw the measure. -theft of data stored in the accounts of its customers. Snowflake customers whose data was stolen include AT&T, which had “almost all” of its customers’ call records dating back to 2024 exfiltrated from its Snowflake account, and Verizon, which received a significant amount of customer call logs.
U.S. Attorney Tessa Gorman told the Seattle court that, “both cases arise from the same computer intrusion and extortion and involve some of the same stolen victim information,” and as such, “these cases rely on overlapping evidentiary and legal process and common questions of law and fact may be present.”
This is the first public admission by prosecutors that Wagenius’ charges are related to last year’s breaches at cloud computing company Snowflake. Security journalist Brian Krebs first reported on the connection between Wagenius and the Snowflake attacks in November, and later broke the news of Wagenius’ arrest.
The Snowflake account hack became one of the most widespread cyberattacks of the past year, affecting AT&T, LendingTree, Santander Bank, Ticketmaster and at least 160 other companies. Hackers allegedly stole large banks of personally identifiable and sensitive corporate data that companies stored on Snowflake, in part by using passwords stolen from employee computers with malware. Most of Snowflake’s affected customers were not using multi-factor protection, which Snowflake did not require of its customers at the time.
According to Krebs’ reporting, following Moucka’s earlier arrest by Canadian authorities, Wagenius claimed in a post on a popular cybercrime forum that he had access to the call logs of Vice President Kamala Harris and then-President-elect Donald Trump and threatened to reveal all the stolen files if Moucka was not released.
Prosecutors accuse the Snowflake hackers of stealing data that includes personal information, cell phone and IMEI numbers, dates of birth, postal and email addresses, passwords, social security numbers, government-issued ID numbers, and social security numbers. payment cards and bank accounts.
Wagenius was ordered detained on January 8 and is understood to be in custody in Washington state.
