In a significant cybersecurity breach, U.S. prosecutors have linked Cameron John Wagenius, a serving U.S. Army soldier, to the theft of extensive phone records from telecommunications giants AT&T and Verizon. The arrest took place on December 20 in Texas following a two-page grand jury indictment. Wagenius, a communications specialist within the Army, faces two counts of unlawfully transferring confidential phone records, a charge linked to one of last year's most expansive cyberattacks affecting multiple sectors.
The theft of the phone records stems from a cyberattack on Snowflake, a cloud computing company whose systems were compromised, impacting not only AT&T and Verizon but also LendingTree, Santander Bank, Ticketmaster, and upwards of 160 other companies. U.S. Attorney Tessa Gorman confirmed that the charges against Wagenius are directly associated with this breach. After his arrest, authorities extradited Wagenius to Washington state, where he was ordered to remain detained as of January 8.
The repercussions of the Snowflake hack were severe, as nearly all customer call records of AT&T through 2024 were exfiltrated from their Snowflake account. Verizon also suffered substantial data loss, including customer call logs. The stolen data contained sensitive information such as personal details, cell phone and IMEI numbers, dates of birth, postal and email addresses, passwords, Social Security numbers, government-issued identity numbers, and financial information.
"Both cases arise from the same computer intrusion and extortion and include some of the same stolen victim information," stated U.S. Attorney Tessa Gorman.
Investigators revealed that hackers executed the breach by using passwords stolen from employee computers infected with malware. In a bold move, Wagenius allegedly claimed to possess call logs of high-profile figures such as Vice President Kamala Harris and then-President-elect Donald Trump. He threatened to leak these files unless one of the implicated hackers was released.
The scale of this cyberattack underscores the critical need for robust cybersecurity protocols across industries reliant on cloud-based services. As the investigation continues, the focus remains on identifying all parties involved and mitigating further risks to affected customers.
Leave a Reply