Court documents for both cases say Wagenius accessed sensitive telecom records before extorting the companies, threatening to release the stolen data unless he and his co-conspirators were paid ransoms. Wagenius and his co-conspirators threatened to post the stolen data to popular cybercriminal forums like BreachForums and XSS.is, often offering to sell the data for thousands of dollars. Prosecutors said the stolen data did not include customer names, but the data Wagenius posted was enriched to include names associated with specific telephone numbers. On October 12, Wagenius posted 325 GB stolen from the company on XSS.is, offering to sell the data for $200,000. While the indictments do not mention Wagenius’ victims by name, Unit 221B’s chief research officer Allison Nixon said on social media that the conviction was the first of the “Snowflake hacker gang” — referencing a spate of attacks last year targeting more than 100 customers of data storage giant Snowflake. “Additionally, Wagenius violated his commanding officer’s orders by purchasing a new laptop after a federal search warrant was executed at his barracks room and his electronic devices were seized, which raises concerns about his willingness to comply with any conditions of release,” court documents explained. “The danger to the public is amplified by the possibility that Wagenius may be able to access remote servers and cloud storage accounts when he gains access to the internet, and there are potentially gigabytes of sensitive victim information that have not yet been recovered,” prosecutors said. In at least one instance, Wagenius offered to sell the stolen data to a foreign intelligence service. The indictment mentions one instance in May 2024 where Wagenius and a co-conspirator accessed the systems of a victim company and stole information on hundreds of thousands of the company’s customers. In August and September, Wagenius and two others stole data on thousands from another victim company. Wagenius and several others sought at least $1 million in ransoms for the stolen data. In November 2024, Wagenius contacted an email address he believed belonged to an unidentified country’s military intelligence service in an effort to sell the information he stole. Prosecutors said some was successfully sold on these forums and in some cases the hackers used the stolen data to perpetuate other schemes like SIM swapping. A former soldier in the U.S. Army pleaded guilty on Tuesday to charges that he stole data from multiple telecommunications giants and either sold it online or sought ransoms for it. Many of the court documents for that case have been sealed and restricted from the public but those available paint a picture of Wagenius as a U.S. soldier actively seeking to flee the country following his cybercrimes. Cameron John Wagenius is now facing a maximum sentence of 27 years in prison after pleading guilty in a Seattle federal court to wire fraud, extortion and aggravated identity theft. Connor Riley Moucka and John Erin Binns — two other hackers implicated in the theft of Snowflake data and previous targeting of telecoms like AT&T and T-Mobile. Prosecutors obtained threatening messages Wagenius sent to the one victim company where he said he didn't care if he received a ransom. Prosecutors said Wagenius, 21, attempted to extort multiple U.S.-based telecommunications companies after obtaining login credentials and breaching their systems. In March, Wagenius pleaded guilty to two separate but related charges centered around posting confidential phone records to an online forum and sending the records through a platform. Wagenius tried to extort several other victims, demanding $500,000 worth of cryptocurrency in some cases, prosecutors said.
This Cyber News was published on therecord.media. Publication date: Wed, 16 Jul 2025 12:05:13 +0000