A 20-year-old US Army soldier, Cameron John Wagenius, has been arrested and charged with participating in a hacking scheme to sell and distribute stolen phone records.
According to the indictment, Wagenius knowingly sold confidential phone records on online forums and communication platforms in November 2024.
While specific details about the hacked material remain undisclosed, cybersecurity journalist KrebsOnSecurity reports that Wagenius may be linked to a series of high-profile data breaches under the online alias “Kiberphant0m.” This alias has been associated with hacking 15 telecom firms and collaborating with the individual behind the Snowflake data breaches to sell stolen information.
In November 2024, Kiberphant0m claimed to have obtained and shared AT&T call logs for President-elect Donald Trump and Vice President Kamala Harris. The authenticity of this data remains unconfirmed, though AT&T did experience a significant data theft connected to the Snowflake breaches last year. Additionally, Kiberphant0m is alleged to have sold remote access credentials for a major U.S. defense contractor in 2023.
Reports suggest that Wagenius was stationed at an Army base in South Korea, working in communications. Following the alleged leak of Trump and Harris’ data, KrebsOnSecurity investigated Kiberphant0m’s digital activities, leading to the discovery of their possible identity as a U.S. soldier. In a recent report, the journalist spoke with Wagenius’ mother, who reportedly confirmed her son’s link to the alleged Snowflake hacker.
The hacking saga has also brought challenges for cybersecurity professionals involved in identifying Kiberphant0m. According to Allison Nixon, lead researcher at cybersecurity firm Unit 221B, those tracking the hacker’s identity faced online harassment. In an interview with KrebsOnSecurity, Nixon commented, “Anonymously extorting the President and VP as a member of the military is a bad idea, but it’s an even worse idea to harass people who specialize in de-anonymizing cybercriminals.”
The investigation continues as federal authorities piece together Wagenius’ alleged involvement in this complex hacking scheme, which has raised significant cybersecurity and national security concerns.
