Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

US government identifies hackers who stole 50 billion AT&T records in Snowflake hack

A hacker types on a laptop.

  • Connor Moucka and John Binns accused of attacking 10 companies, including AT&T
  • The US Government claims they extorted 36 bitcoin from their victims
  • Both were known to law enforcement in the past

The US government has accused two individuals of breaching 10 major companies, stealing their sensitive data, and then either extorting the firms for money, or selling the stolen data on the dark web. Among the victims is, most likely, AT&T, the American telecommunications powerhouse.

In the indictment, which TechCrunch published, the two individuals are named as Connor Moucka and John Binns. Both are already known, to both the media and law enforcement, as Alexander ‘Connor’ Moucka (aka Waifu and Judische) was taken into custody on October 30, in Canada, following a request by US law enforcement.

Binns, on the other hand, was already mentioned in relation to the AT&T hack, as one of the hackers with access to the stolen database, who tried to sell it back to the company. He was arrested in Turkey, for alleged crimes he committed in 2021 and, apparently, was to blame for the data breach that happened at T-Mobile, as well.

Hints of AT&T

The US government claim Moucka and Binns “devised and executed international computer hacking and wire fraud schemes to hack into at least 10 victim organizations’ protected computer networks, steal sensitive information, threaten to leak the stolen data unless the victims paid ransoms, and offer to sell online, and sell, the stolen data.”

“Through this scheme, the co-conspirators gained unlawful access to billions of sensitive customer records, including individuals’ non-content call and text history records, banking and other financial information, payroll records, Drug Enforcement Agency (DEA) registration numbers, driver’s license numbers, passport numbers, Social Security Numbers, and other personally identifiable information,” it says in the indictment.

The result of the attacks, the Government concludes, is profit of “at least 36 bitcoin ($2.5m at time of payment)” extorted from at least three victims.

While the document does not mention the names of victim companies, it does list Victim-2 as a major telecommunications company located in the United States, whose Cloud Computing Instance was hosted at computer servers located in Virginia. It was also said that this victim was breached in mid-April. All these things align it with AT&T.

Both the company, and the Department of Justice (DoJ), are currently silent on the matter.

Via TechCrunch

You might also like

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.