Charges unsealed for alleged hackers of Snowflake customers


Moucka and Binns were indicted last month for their alleged roles in hacking into the computer networks of at least 10 organisations. — Dreamstime/TNS

Charges were unsealed for two men suspected of carrying out cyberattacks against customers of Snowflake Inc, providing new details about the breaches.

Connor Riley Moucka, who lives in Canada, and John Erin Binns, who lives in Turkey, were indicted last month for their alleged roles in hacking into the computer networks of at least 10 organisations, stealing sensitive data, threatening to leak it unless the victims paid a ransom and offering it for sale to other criminals, according to prosecutors.

The cybercrimes took place between November 2023 and October 2024, and the attackers – who include Moucka, Binns and unnamed co-conspirators – accessed billions of call and text history records, banking and financial information, payroll data, Drug Enforcement Agency registration numbers, passport numbers, Social Security records and other personal information. They allegedly extorted US$2.5mil worth of Bitcoin from three of their victims.

While the US doesn’t identify Snowflake or its customers who were attacked, the indictment description of "Victim-1” resembles the software company. The indictment describes Victim-1 as a US-based software-as-a-service provider that lets customers upload and store data in online storage environments.

Attorneys for Moucka and Binns couldn’t be reached for comment.

A representative for Snowflake declined to comment. The charges were unsealed on Friday, according to a person familiar with the case.

One of the other victims was a large US-based telecommunications company. The US accuses Moucka and Binns of accessing “approximately 50 billion customer call and test records, including dialed numbers, for commercial advantage”. A major retailer, an entertainment company and a health-care provider are also listed as victims, along with a company in Europe that had personnel in the US, according to the indictment.

Companies including AT&T Inc, Live Nation Entertainment Inc and Advance Auto Parts Inc have previously disclosed that they’d been affected by the attacks in June and July.

The hackers used software they described as "rapeflake” to access the cloud-computing environment of their victims, according to prosecutors.

Bloomberg first reported the Oct 30 arrest of Moucka in Kitchener, Ontario, after three people familiar with the case confirmed he was linked to the attacks. – Bloomberg

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

   

Next In Tech News

How 'CoComelon' became a mass media juggernaut for preschoolers
Evolution of smartphone damage: From drips to drops
Are you tracking your health with a device? Here's what could happen with the data
US judge rejects SEC bid to sanction Elon Musk
What's really happening when you agree to a website's terms of service
Samsung ordered to pay $118 million for infringing Netlist patents
Sirius XM found liable in New York lawsuit over subscription cancellations
US Supreme Court tosses case involving securities fraud suit against Facebook
Amazon doubles down on AI startup Anthropic with another $4 billion
Factbox-Who are bankrupt Northvolt's creditors?

Others Also Read