US Solider Arrested After Allegedly Posting Trump, Harris Call Logs

A US Army communications specialist has been arrested and indicted after he allegedly sold “confidential phone records” from AT&T and Verizon.

According to KrebsOnSecurity, 20-year old Cameron John Wagenius had “knowingly and intentionally sell and transfer, and attempt to sell and transfer, confidential phone records information of a covered entity, without prior authorisation from the customer to who such confidential phone records informations relation…”

The indictment did not reveal exactly what records Wagenius is alleged to have stolen on 6 November, but the solider is said to be connected to a hacking alias and a scheme that was offering to sell and distribute stolen phone records.

Stolen records

KrebsOnSecurity reported that Wagenius appears to be connected to a series of high-profile data breaches linked to the online alias “Kiberphant0m.”

Kiberphant0m claimed to have hacked 15 telecom firms and was working with the person allegedly behind the Snowflake data breaches to sell the stolen information, it reported.

In November Kiberphant0m allegedly posted what was claimed to be the AT&T call logs for President-elect Donald Trump and Vice President Kamala Harris.

It is unclear at the time of writing whether the data was genuine or not.

But according to KrebsOnSecurity, AT&T did suffer a major theft of customer data as part of the Snowflake account breaches last year.

Snowflake is a cloud data storage company, and in October Canadian authorities arrested Alexander Moucka, a.k.a. Connor Riley Moucka or ‘Judische’ of Kitchener, Ontario over the matter.

Data breaches

What is known is that in March 2024 AT&T had confirmed it was investigating a cyber incident, after it had come “to our attention that a number of AT&T passcodes have been compromised.”

It then reset the affected passcodes.

But then in July 2024 AT&T admitted to a data breach that had taken place in 2022 and early 2023, which had impacted “nearly all” its customers. That breach apparently impacted 109 million customers.

KrebsOnSecurity noted that Wagenius had worked on communications at an Army base in South Korea.

Wagenius had been arrested on 20 December near the Army base in Fort Hood, Texas, after being indicted on two criminal counts of unlawful transfer of confidential phone records.

After the alleged leak of Trump and Harris data, KrebsOnSecurity had conducted a deep investigation into Kiberphant0m’s online communications, and in November had identified the hacker as likely being a US soldier.

In this latest report, KrebsOnSecurity reportedly spoke with Wagenius’ mother, who confirmed his connection to the alleged Snowflake hacker.