US Prosecutors Charge Snowflake Hackers for Extorting a Staggering $2.5 Million from 3 Unsuspecting Victims

A Major Cybersecurity Breach Unfolds

Imagine this: you wake up one morning and find out that your personal data has been stolen. Not just a few pieces of information, but terabytes worth of sensitive data. Well, that’s exactly what happened to over 165 organizations that fell victim to a massive cybersecurity breach at the hands of two hackers who targeted the Snowflake cloud storage company.

Recently, the U.S. Department of Justice unsealed the indictment against the two suspected hackers, Connor Riley Moucka and John Erin Binns. These cybercriminals are accused of using stolen credentials to hijack Snowflake accounts that weren’t protected by multi-factor authentication. Once inside, they exfiltrated massive amounts of data and demanded ransom payments in exchange for deleting the stolen information.

Major Corporations Caught in the Crossfire

According to the indictment, the hackers managed to steal approximately 50 billion customer call and text records from a major U.S. telecommunications company. One company that fits the profile and suffered a massive data breach during the same timeframe as the indictment is AT&T. In July, they disclosed that call logs of 109 million customers were exposed during the incident when the data was accessed from their Snowflake account.

But AT&T wasn’t the only corporation targeted. Data breaches linked to Snowflake attacks affected hundreds of millions of individuals, customers of Ticketmaster, Santander, Pure Storage, Advance Auto Parts, Los Angeles Unified, QuoteWizard/LendingTree, and Neiman Marcus.

The Hackers’ Sneaky Tactics

Once the data was stolen, the hackers demanded ransoms in the form of cryptocurrency. They attempted to hide their tracks by conducting “a complex series of cryptocurrency transactions” and even converting the payments into Monero cryptocurrency. In some cases, the attackers engaged in double extortion, where they tried to get a new ransom payment from a breached company that had already paid the initial demand.

The indictment reveals that the two hackers and their co-conspirators extorted at least 36 Bitcoins, or $2.5 million, from three victims. For those victims that didn’t pay the ransom, the hackers advertised the stolen data to potential buyers on multiple hacking forums.

Justice Is Served

In late October 2024, Moucka (aka “Waifu” and “Judische”) was arrested in Canada, while Binns (aka “irdev” and “j_irdev1337”) was arrested in Turkey in May. The two now face multiple counts for various cybercrime charges, including wire fraud, securities fraud, conspiracy to commit fraud, unauthorized access and breach of computer systems, data theft, and privacy violations.

If convicted, the pair could face significant prison sentences, ranging from 5 to up to 25 years for each charge, totaling 60 years. Additionally, their assets and proceeds will be seized by the government, including bank accounts, vehicles, real estate, and any other valuables obtained as a result of their alleged offenses.

Don’t Be the Next Victim

The story of these hackers serves as a stark reminder that cybersecurity is more important than ever. Don’t let your organization become the next victim. Reach out to us at IT Services, and we’ll help you protect your valuable data from cybercriminals. Let’s work together to stay one step ahead of the hackers and keep your information safe. Remember, knowledge is power, so keep coming back to learn more about how you can protect your organization from cyber threats.