A 20-year-old US Army soldier has been arrested and charged with being part of a hacking scheme to sell and distribute stolen phone records. According to an indictment, Cameron John Wagenius knowingly sold "confidential phone records" over online forums and other communications platforms last November.

The indictment doesn't detail the hacked material, but a report by KrebsOnSecurity reveals that Wagenius appears to be connected to a series of high-profile data breaches linked to the online alias "Kiberphant0m." Kiberphant0m claimed to have hacked 15 telecom firms and was working with the person allegedly behind the Snowflake data breach to sell the stolen information.

In November, Kiberphant0m posted what they claimed were AT&T call logs for President-elect Donald Trump and Vice President Kamala Harris. Although it's unclear if the data was genuine, AT&T did suffer a major theft of customer data as part of the Snowflake breach last year. Additionally, the hacker is alleged to have sold "remote access credentials for a major U.S. defense contractor" in 2023, according to Krebs.

Krebs reports that Wagenius worked on communications at an Army base in South Korea. After the alleged leak of Trump and Harris data, Krebs did a deep dive into Kiberphant0m's online communications and identified that they were likely a US soldier. In this latest report, Krebs spoke with Wagenius' mother, who confirmed his connection to the alleged Snowflake hacker.

Cybersecurity experts reportedly received harassment for trying to track down Kiberphant0m's identity, leading to a stark warning from Allison Nixon, the lead researcher at cybersecurity firm Unit 221B, who was part of the work. "Anonymously extorting the President and VP as a member of the military is a bad idea," Nixon told Krebs, "but it's an even worse idea to harass people who specialize in de-anonymizing cybercriminals."

This incident highlights the growing concern of data breaches and cybersecurity threats, particularly when it comes to high-profile targets. The fact that a US soldier was allegedly involved in the hacking scheme raises questions about the security clearance process and the potential risks posed by insiders with access to sensitive information.

The arrest of Wagenius serves as a reminder of the importance of robust cybersecurity measures and the need for increased vigilance in the face of evolving threats. As the investigation unfolds, it will be crucial to examine the extent of the hacking scheme and the potential implications for national security.