A now-former U.S. Army soldier has pleaded guilty to a hacking and extortion scheme in which federal prosecutors said he stole data from 10 telecommunications companies’ databases, then threatened to leak the data “unless ransoms were paid.”
While on active duty, Cameron John Wagenius, 21, and others working with him hacked into the companies’ protected computer networks and accessed “hundreds of thousands” of records tied to businesses and their customers, including call and text histories and other personal information, according to court filings.
Wagenius was stationed at Fort Cavazos in Central Texas and at a U.S. Army base in South Korea throughout the scheme between April 2023 and Dec. 18, 2024, when he used online accounts linked to different nicknames like “kiberphant0m,” court documents say.
In a felony information, prosecutors wrote Wagenius and his alleged conspirators profited from the scheme, “including by attempting to extort at least $1,000,000 from victim data owners, offering to sell victims’ stolen data via online messages and via posts on cybercriminal forums for thousands of dollars, successfully selling at least some of this stolen data, and using stolen victim data in further frauds.”
Wagenius pleaded guilty on July 15 to conspiracy to commit wire fraud, extortion in relation to computer fraud, and aggravated identity theft, the U.S. Attorney’s Office for the Western District of Washington said in a news release.
His defense attorney, James Lee Bright, declined McClatchy News’ request for comment July 16.
According to Wagenius’ plea agreement, he would have typically been prosecuted in the Western District of Texas. However, he agreed to be prosecuted in Washington. It is not immediately clear why Washington was chosen for his prosecution.
‘Can hacking be treason’
Wagenius and those accused of working with him learned the telecom companies’ login credentials to hack their databases, including by using “a hacking tool that they called SSH Brute,” prosecutors said.
They communicated with each other over Telegram to coordinate the hacks, according to prosecutors.
In a separate case related to the hacking scheme, also filed in the Western District of Washington, the U.S. Attorney’s Office said Wagenius pleaded guilty to two counts of unlawful transfer of confidential phone records information.
Those charges stem from Wagenius posting and sharing phone records, including records associated with “high-ranking public officials” and their families, prosecutors wrote in a motion for Wagenius’ continued detention in that case.
The Feb. 26 filing says Wagenius also researched how to defect from the U.S. and tried to sell stolen information to another country’s intelligence service “while he held a security clearance.”
“While engaged in these criminal activities, Wagenius conducted online searches about how to defect to countries that do not extradite to the United States,” prosecutors wrote in the motion.
Over the course of more than two weeks, in November, prosecutors said Wagenius exchanged emails with one country’s military intelligence service to sell information he gained through hacking.
According to the detention motion, “days after he apparently finished communicating with Country-1’s military intelligence service, Wagenius Googled, ‘can hacking be treason.’”
Federal investigators did not confirm if the address Wagenius had been emailing was legitimately linked to the country’s intelligence service, according to prosecutors.
“What is significant, however, is that Wagenius believed that it did,” prosecutors argued.
A month earlier, in October, prosecutors said Wagenius’ online searches suggested he wanted to escape the U.S., according to prosecutors, who said he also searched for information on defecting to the country to which he was trying to sell stolen data.
His online searches, according to court filings, include:
- “where can i defect the u.s government military which country will not hand me over”;
- “U.S. military personnel defecting to Russia”; and
- “Embassy of Russia – Washington, D.C.”
In early December, federal authorities executed a search warrant at his U.S. Army barracks room and seized his laptop and other electronic devices, according to prosecutors.
About two days later, Wagenius’ commanding officer gave him orders, banning him from using or buying electronic devices, court documents say.
On Dec. 7, Wagenius ignored the orders, bought a laptop and used it in the Army barracks, according to prosecutors.
Wagenius is set to be sentenced on the charges of unlawful transfer of confidential phone records information on Sept. 10, records show.
In the case involving the hacking and extortion charges, prosecutors on July 15 motioned for Wagenius’ detention, arguing that he is a serious flight risk.
U.S. Magistrate Judge Mary Alice Theiler granted the motion the same day, when he pleaded guilty, records show.
Wagenius faces up to 20 years in prison on the conspiracy to commit wire fraud charge, up to five years in prison on the extortion charge, and “a mandatory two-year sentence consecutive to any other prison time for aggravated identity theft,” prosecutors said.
His sentencing hearing for those charges is scheduled for Oct. 6, according to the U.S. Attorney’s Office.
©2025 The Sacramento Bee. Visit sacbee.com. Distributed by Tribune Content Agency, LLC.
