Federal authorities have charged Cameron John Wagenius, a U.S. Army soldier, with selling stolen confidential phone records, linking him to a broader hacking operation that involved high-profile breaches. Arrested on December 20, Wagenius faces two counts of unlawful transfer of confidential phone records information, according to court documents unsealed this week.
Wagenius, allegedly operating under the alias “Kiberphant0m,” claimed involvement in hacking multiple telecom firms and selling sensitive data online. Among his alleged activities was the sale of call records purportedly linked to Vice President Kamala Harris and President-elect Donald Trump. While the authenticity of these claims remains uncertain, the breaches reportedly stem from a larger scheme connected to the hacking of Snowflake, a data storage and processing firm, according to cybersecurity journalist Brian Krebs on KrebsOnSecurity.
Wagenius’ arrest occurred at Fort Cavazos, Texas, formerly known as Fort Hood, though details about his rank or role were not disclosed. Colonel Kamil Sztalkoper, spokesperson for the III Armored Corps, confirmed the arrest and stated that the military is cooperating with law enforcement. Wagenius’ legal representation has not yet commented on the charges.
Court filings indicate Wagenius will be prosecuted in Seattle, where federal investigators are pursuing a broader case involving co-conspirators Connor Moucka and John Binns. Both individuals face accusations of stealing and attempting to sell billions of records, including sensitive personal and financial data. Moucka, apprehended in Canada, is awaiting extradition, while Binns is in custody for separate charges in Turkey.
Cybersecurity experts were instrumental in identifying Wagenius. Allison Nixon, chief research officer at Unit 221B, along with a colleague, traced the alias Kiberphant0m to Wagenius after encountering harassment from his hacking group. Nixon noted that law enforcement’s response to their findings was swift, calling it “the fastest turnaround time I have witnessed in my career.”
The Snowflake breaches have had widespread implications, with researchers linking the operation to the theft of AT&T customer data and even remote access credentials for a major U.S. defense contractor. Wagenius’ alleged role in these activities has drawn sharp criticism, particularly given his position as a member of the U.S. military.
As investigations continue, authorities have declined to release further details, citing the ongoing nature of the case.
Featured Image courtesy of JuSun/Getty Images/iStockphoto
Follow us for more tech news updates.