A US Army soldier has been formally linked to a massive data breach at cloud computing company Snowflake, which resulted in the theft of phone records from major telecommunications companies AT&T and Verizon. Cameron John Wagenius, a communications specialist, was arrested in December and charged with two counts of unlawfully transferring confidential phone records.

According to a new court filing, the charges against Wagenius are related to the earlier indictment of two alleged hackers, Connor Moucka and John Binns, who are accused of multiple intrusions at Snowflake. The hackers allegedly stole huge banks of personally identifiable and sensitive corporate data from Snowflake customers, including AT&T, Verizon, LendingTree, Santander Bank, Ticketmaster, and at least 160 other companies.

The data breach at Snowflake became one of the most wide-reaching cyberattacks of last year, with the hackers allegedly using passwords stolen from employee computers with malware to gain access to the cloud computing platform. Most of the affected Snowflake customers were not using multi-factor protection, which Snowflake did not require of its customers at the time.

Security journalist Brian Krebs first reported on the link between Wagenius and the Snowflake hacks in November, and later broke the news of Wagenius' arrest. According to Krebs' reporting, Wagenius claimed to have access to the call logs of Vice President Kamala Harris and then-President-elect Donald Trump, and threatened to leak all of the stolen files unless Moucka was released.

Prosecutors accuse the Snowflake hackers of stealing data that includes personal information, cell phone and IMEI numbers, dates of birth, postal and email addresses, passwords, Social Security numbers, government-issued identity numbers, as well as payment card and bank account numbers. The scope of the breach is staggering, with nearly all of AT&T's customer call records through 2024 exfiltrated from its Snowflake account, and a substantial cache of customer call logs taken from Verizon.

Wagenius was ordered to be detained on January 8 and is currently in custody in Washington state. The case highlights the importance of robust cybersecurity measures, including multi-factor authentication, to protect sensitive data from cyber threats.

The connection between Wagenius and the Snowflake hacks has significant implications for the cybersecurity industry, as it underscores the need for cloud computing companies to prioritize security and protect their customers' data. The case also raises questions about the security protocols in place at major telecommunications companies like AT&T and Verizon, and whether they did enough to prevent the breach.

As the investigation continues, it remains to be seen what other revelations will come to light about the scope and impact of the Snowflake breach. One thing is clear, however: the case serves as a stark reminder of the importance of robust cybersecurity measures in the face of increasingly sophisticated cyber threats.