U.S. prosecutors have formally linked the arrest of a serving U.S. Army soldier in December to an enormous theft of U.S. telephone data from AT&T and Verizon final 12 months.
Authorities arrested Cameron John Wagenius, a U.S. Army communications specialist, in Texas on December 20 following a short two-page grand jury indictment accusing the U.S. serviceperson of two counts of unlawfully transferring confidential telephone data. Wagenius was later extradited to Washington state.
In a brand new courtroom submitting on Friday, U.S. prosecutors confirmed that the costs in opposition to Wagenius are associated to the sooner indictment of two alleged hackers, Connor Moucka and John Binns, who the U.S. authorities accuse of a number of intrusions at cloud computing firm Snowflake that noticed the mass-theft of information saved in its buyer accounts. The Snowflake clients whose knowledge was stolen embody AT&T, which had “almost all” of its buyer name data by way of 2024 exfiltrated from its Snowflake account, and Verizon, from whom a considerable cache of buyer name logs was taken.
U.S. Attorney Tessa Gorman advised the Seattle courtroom that, “each circumstances come up from the identical laptop intrusion and extortion and embody a few of the similar stolen sufferer info,” and as such, “these circumstances depend on overlapping evidentiary materials and authorized course of and arguably current widespread questions of regulation and reality.”
This is the primary public acknowledgement by prosecutors that Wagenius’ costs are related to final 12 months’s breaches at cloud computing firm Snowflake. Security journalist Brian Krebs first reported on the hyperlink between Wagenius and the Snowflake hacks in November, and later broke the information of Wagenius’ arrest.
The account hacks at Snowflake turned some of the wide-reaching cyberattacks of final 12 months, affecting AT&T, LendingTree, Santander Bank, Ticketmaster, and not less than 160 different corporations. The hackers allegedly stole big banks of personally identifiable and delicate company knowledge that corporations saved in Snowflake, partly through the use of passwords stolen from worker computer systems with malware. Most of the affected Snowflake clients weren’t utilizing multi-factor safety, which Snowflake didn’t require of its clients on the time.
According to Krebs’ reporting, following the sooner arrest of Moucka by Canadian authorities, Wagenius claimed in a put up on a recognized cybercrime discussion board to have entry to the decision logs of Vice President Kamala Harris and then-President-elect Donald Trump, and threatened to leak the entire stolen information until Moucka was launched.
Prosecutors accuse the Snowflake hackers of stealing knowledge that features private info, cellular phone and IMEI numbers, dates of delivery, postal and e mail addresses, passwords, Social Security numbers, government-issued id numbers, in addition to fee card and checking account numbers.
Wagenius was ordered on January 8 to be detained, and is known to be in custody in Washington state.
