U.S. prosecutors have formally linked the arrest of a serving U.S. Military soldier in December to an enormous theft of U.S. cellphone data from AT&T and Verizon final 12 months.
Authorities arrested Cameron John Wagenius, a U.S. Military communications specialist, in Texas on December 20 following a quick two-page grand jury indictment accusing the U.S. serviceperson of two counts of unlawfully transferring confidential cellphone data. Wagenius was later extradited to Washington state.
In a brand new court docket submitting on Friday, U.S. prosecutors confirmed that the costs towards Wagenius are associated to the sooner indictment of two alleged hackers, Connor Moucka and John Binns, who the U.S. authorities accuse of a number of intrusions at cloud computing firm Snowflake that noticed the mass-theft of information saved in its buyer accounts. The Snowflake clients whose knowledge was stolen embrace AT&T, which had “practically all” of its buyer name data by 2024 exfiltrated from its Snowflake account, and Verizon, from whom a considerable cache of buyer name logs was taken.
U.S. Lawyer Tessa Gorman instructed the Seattle court docket that, “each circumstances come up from the identical pc intrusion and extortion and embrace a few of the similar stolen sufferer info,” and as such, “these circumstances depend on overlapping evidentiary materials and authorized course of and arguably current frequent questions of legislation and reality.”
That is the primary public acknowledgement by prosecutors that Wagenius’ prices are linked to final 12 months’s breaches at cloud computing firm Snowflake. Safety journalist Brian Krebs first reported on the hyperlink between Wagenius and the Snowflake hacks in November, and later broke the information of Wagenius’ arrest.
The account hacks at Snowflake grew to become one of the vital wide-reaching cyberattacks of final 12 months, affecting AT&T, LendingTree, Santander Financial institution, Ticketmaster, and at the very least 160 different firms. The hackers allegedly stole large banks of personally identifiable and delicate company knowledge that firms saved in Snowflake, partially by utilizing passwords stolen from worker computer systems with malware. A lot of the affected Snowflake clients weren’t utilizing multi-factor safety, which Snowflake didn’t require of its clients on the time.
In accordance with Krebs’ reporting, following the earlier arrest of Moucka by Canadian authorities, Wagenius claimed in a publish on a recognized cybercrime discussion board to have entry to the decision logs of Vice President Kamala Harris and then-President-elect Donald Trump, and threatened to leak all the stolen recordsdata until Moucka was launched.
Prosecutors accuse the Snowflake hackers of stealing knowledge that features private info, cellphone and IMEI numbers, dates of start, postal and e mail addresses, passwords, Social Safety numbers, government-issued id numbers, in addition to fee card and checking account numbers.
Wagenius was ordered on January 8 to be detained, and is known to be in custody in Washington state.
