United States soldier, Cameron John Wagenius, a communications specialist stationed in South Korea, who was arrested last month for trying to sell hacked data from American telecom companies, has now been linked to the BSNL hack in 2024, according to a Hindustan Times report.
Wagenius was arrested in Texas on December 20. He has now been linked to the major cybersecurity breach at India's state-owned BSNL, the report added citing cybersecurity analysts and publicly available information. The case has brought into the spotlight “cross-continental workings of an underground cybercrime industry”, it added.
The report said that Wagenius is likely to be “kiberphant0m”, who tried to sell 278 GB of sensitive BSNL data for $5,000 on Breached Forums, a popular dark web marketplace in May 2024. This data included BSNL’s home location register database, international mobile subscriber identities, and SIM numbers all of which is critical subscriber and infrastructure information.
In May, the hacker had also claimed to have snapshots of BSNL’s SOLARIS server and security key data. In the post he said that the data was worth “several million dollars but I’m selling for pretty cheap”.
The government had in July 2024 said in Lok Sabha that one of BSNL’s servers were breached, and that the Indian Computer Emergency Response Team (CERT-In) had reported this intrusion and breach on May 20, the report added.
A senior Indian government official told the paper, “We knew about the kiberphant0m account and have been working on it. We didn’t know who was responsible for the account. Attribution is very difficult in cyber domain.”
The report noted that the breakthrough in identifying Wagenius was possible because he was already under the radar in the US. His associate Connor Riley Moucka was also arrested in October, which revealed a "sprawling operation" in which Moucka and another associate, John Erin Binns, allegedly breached at least 10 organisations. They received $2.5 million in extortion payments from three victims.
The report added that Allison Nixon, chief research officer of Unit 221B, a New York-based cybersecurity firm that helped establish Wagenius’s identity, confirmed he was the same person who had “posted a sales ad for illicit access” to the BSNL data.
BSNL did not respond to requests for comment, making it difficult to determine if the telecommunications provider had filed an FIR, it added.
Catch all the Business News , Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.