US Soldier Linked to AT&T Hack Accused of Contacting Spy Agency
A 21-year-old US soldier accused of trying to sell AT&T call records of Donald Trump’s family members has been linked to a web of cybercrime that goes far beyond mere data theft. According to court documents, Cameron Wagenius pleaded guilty earlier this year to unlawfully posting and transferring confidential AT&T phone records, including those of Kamala Harris and FBI informants.
The US government has also accused him of attempting to extort AT&T Inc., asking for $500,000 to delete the sensitive records in November last year while on active duty with the US army, stationed at Fort Cavazos. The records were stolen as part of a wider cyber campaign against Snowflake customers in the summer of 2024, which involved at least 10 organizations including Live Nation Entertainment Inc. and Advance Auto Parts Inc.
In November — the same month he posted the AT&T data for sale — Wagenius allegedly communicated with an email address he believed belonged to an unidentified country’s military intelligence service in an attempt to sell stolen information, prosecutors allege. Days later, he Googled “can hacking be treason,” a search that suggests he may have been considering crossing a line into treasonous activities.
According to a memorandum filed on Wednesday by the US government which asked a judge to keep Wagenius detained, the extortion was “only a small part of Wagenius’ malicious activity.” The document also reveals that Wagenius conducted online searches about how to defect to countries that do not extradite to the United States and that he previously attempted to sell hacked information to at least one foreign intelligence service.
Wagenius also carried out Google searches about the Russian embassy in Washington, D.C and “U.S. military personnel defecting to Russia,” prosecutors added. This raises serious questions about Wagenius’ loyalty and potential connections to foreign powers.
Since his arrest, prosecutors have found evidence on Wagenius’ devices indicating that he had access to thousands of stolen identification documents, including passports and driver’s licenses, as well as access to large amounts of cryptocurrency. His co-conspirator, Connor Moucka, is expected to appear in an extradition hearing in Canada on Friday, on charges of stealing AT&T and other Snowflake customer data.
The case highlights the depth of Wagenius’ involvement in cybercrime and raises concerns about the security of sensitive information within the US government and private sector. As investigations continue, one thing is clear: Cameron Wagenius' actions have put national security at risk.