US government identifies hackers who stole 50 billion AT&T records in Snowflake hack

Connor Moucka and John Binns accused of attacking 10 companies, including AT&T
The US Government claims they extorted 36 bitcoin from their victims
Both were known to law enforcement in the past

The US government has accused two individuals of breaching 10 major companies, stealing their sensitive data, and then either extorting the firms for money, or selling the stolen data on the dark web. Among the victims is, most likely, AT&T, the American telecommunications powerhouse.

In the indictment, which TechCrunch published, the two individuals are named as Connor Moucka and John Binns. Both are already known to the media and to law enforcement: Alexander ‘Connor’ Moucka (aka Waifu and Judische) was taken into custody in Canada on October 30, following a request by US law enforcement.

Binns, on the other hand, was already mentioned in relation to the AT&T hack as one of the hackers with access to the stolen database, who tried to sell it back to the company. He was arrested in Turkey for alleged crimes he committed in 2021 and, apparently, was also to blame for the data breach that happened at T-Mobile.

Hints of AT&T

The US government claims Moucka and Binns “devised and executed international computer hacking and wire fraud schemes to hack into at least 10 victim organizations’ protected computer networks, steal sensitive information, threaten to leak the stolen data unless the victims paid ransoms, and offer to sell online, and sell, the stolen data.”

“Through this scheme, the co-conspirators gained unlawful access to billions of sensitive customer records, including individuals’ non-content call and text history records, banking and other financial information, payroll records, Drug Enforcement Agency (DEA) registration numbers, driver’s license numbers, passport numbers, Social Security Numbers, and other personally identifiable information,” the indictment says.

The result of the attacks, the Government concludes, is a profit of “at least 36 bitcoin ($2.5m at time of payment)” extorted from at least three victims.

While the document does not name the victim companies, it does list Victim-2 as a major telecommunications company located in the United States, whose Cloud Computing Instance was hosted on computer servers located in Virginia. It was also said that this victim was breached in mid-April. All of these details align with AT&T.

Both the company and the Department of Justice (DoJ) are currently silent on the matter.

Via TechCrunch
