DOJ Confirms Arrested US Army Soldier Tied to Major AT&T and Verizon Hacking Scandal

U.S. prosecutors have made significant connections in the ongoing investigation into a massive theft of U.S. phone records involving telecommunications giants AT&T and Verizon. The recent arrest of Cameron John Wagenius, a U.S. Army soldier, has brought new developments to light regarding this major cybercrime incident.

Arrest of U.S. Army Soldier Linked to Major Cybercrime

Cameron John Wagenius, a communications specialist in the U.S. Army, was arrested in Texas on December 20. The arrest followed a brief two-page grand jury indictment that charged him with two counts of unlawfully transferring confidential phone records. Subsequently, Wagenius was extradited to Washington state for further proceedings.

Connection to Snowflake Hacking

In a recent court filing, U.S. prosecutors confirmed that Wagenius’ charges are directly linked to the earlier indictment of two alleged hackers, Connor Moucka and John Binns. These individuals are accused of conducting multiple intrusions at the cloud computing company Snowflake, which led to the large-scale theft of sensitive data from its customers.

• AT&T: Nearly all customer call records through 2024 were exfiltrated.
• Verizon: A significant number of customer call logs were also compromised.

U.S. Attorney Tessa Gorman stated in Seattle court that “both cases arise from the same computer intrusion and extortion” and emphasized the overlap in evidentiary material and legal processes involved in both cases.

Widespread Impact of the Snowflake Breaches

The account hacks at Snowflake have been recognized as one of the most extensive cyberattacks of last year, impacting numerous organizations, including:

1. AT&T
2. LendingTree
3. Santander Bank
4. Ticketmaster
5. At least 160 other companies

Reports suggest that the hackers stole vast amounts of personally identifiable and sensitive corporate data, often exploiting weak security measures, such as the lack of multi-factor authentication, which Snowflake did not mandate at the time.

Threats and Potential Data Leaks

According to cybersecurity journalist Brian Krebs, following the arrest of Moucka by Canadian authorities, Wagenius allegedly claimed access to the call logs of notable political figures, including Vice President Kamala Harris and then-President-elect Donald Trump. He threatened to leak the stolen files unless Moucka was released.

Details of the Stolen Data

Prosecutors have outlined the types of information that the Snowflake hackers managed to steal, which include:

• Personal information
• Cell phone and IMEI numbers
• Dates of birth
• Postal and email addresses
• Passwords
• Social Security numbers
• Government-issued identity numbers
• Payment card and bank account numbers

As of January 8, Wagenius has been ordered to be detained and is currently held in custody in Washington state, pending further legal proceedings.

For more information on cybersecurity threats and prevention measures, visit CISA or explore our related articles on cybersecurity best practices.