Cameron Wagenius Pleads Guilty in Massive Data Breach Affecting AT&T and Verizon
Indictment and Guilty Plea
Cameron John Wagenius, a former US Army soldier, has pleaded guilty to two counts of "unlawful transfer of confidential phone records information" in connection with a cyberattack that targeted AT&T and Verizon, leading to the theft of sensitive data from over 100 million customers.
Wagenius, 20 years old and stationed in Texas at the time, was arrested last year after being indicted for his alleged role in the hack. The charges carry potential penalties of up to $250,000 in fines and up to 10 years in prison for each count.
Snowflake Connection
Prosecutors believe Wagenius and his alleged accomplices exploited vulnerabilities in Snowflake, a cloud services and data analytics provider, to gain access to data from AT&T, Verizon, and over 160 other companies, including Ticketmaster and LendingTree.
According to the Justice Department, the hackers had unrestricted access to a treasure trove of confidential information, including social security numbers, driver’s license numbers, passport details, and banking information.
Extortion Campaign
Two other individuals, Connor Moucka and John Binns, have also been indicted in connection with the Snowflake hack. They are accused of stealing "billions of sensitive customer records" and using that access to extort three victims, who collectively paid at least 36 bitcoin (approximately $2.5 million) to the hackers between November 2023 and October 2024.
Media Exposure
Unlike his accomplices, Wagenius has maintained a lower profile in the media. However, investigators were able to identify him through online activity and forum posts.
In contrast, Moucka openly discussed his involvement in the hack with 404 Media prior to his arrest, expressing concerns about law enforcement pursuing him. Binns also claimed responsibility for the AT&T breach in an interview with the Wall Street Journal.
Breach Scope and Impact
AT&T reported that the hack allowed the perpetrator to access "nearly all" of its customers’ phone records, including call and text history, over a six-month period in 2022. This resulted in over 110 million customers being notified of the breach.
Verizon similarly disclosed that a significant collection of customer call logs had been stolen. Both companies emphasized the seriousness of the breach and urged customers to remain vigilant for any suspicious activity.
Ongoing Investigation
The investigation into the Snowflake hack is ongoing, with authorities actively pursuing the remaining suspects. The case has highlighted the vulnerability of cloud services and the need for robust cybersecurity measures to protect sensitive data.