Canadian authorities detained Alexander Moucka, also known as “Connor,” on October 30, following a request from the United States in connection with a series of major data breaches involving Snowflake accounts. The detention, confirmed by Canada’s Justice Department, was executed under a provisional arrest warrant.
Moucka’s detention marks a significant development in a case involving approximately 165 breaches of Snowflake-stored data earlier this year. According to sources, the breaches impacted companies including AT&T, Ticketmaster, Advance Auto Parts, and a major U.S. school district. The data stolen in these breaches is extensive, with AT&T’s logs of calls and texts from over 100 million customers reportedly compromised, and the Ticketmaster breach alone impacting around 560 million users.
The case has garnered international attention, with Moucka having reportedly informed media outlet 404Media that he anticipated his arrest and was destroying evidence in preparation.
The U.S. Justice Department and FBI have yet to release further details on the charges. Canada’s Justice Department, citing confidentiality in extradition matters, has declined to disclose whether any devices were seized or if Moucka was detained alongside other suspects. The Ontario Superior Court and the U.S. DOJ also withheld comment on further developments.
The alleged breaches prompted Snowflake to engage cybersecurity firm Mandiant in May to investigate the scope of the incident. Mandiant’s findings clarified that Snowflake’s platform security remained intact, with hackers instead exploiting still-active credentials dating back to 2020. Mandiant’s analysis suggests the hackers, reportedly North American-based with ties to an associate in Turkey, exploited these credentials for unauthorized access.
In May, Turkish authorities detained alleged accomplice John Erin Binns following his indictment for involvement in an earlier hack of T-Mobile. The international nature of the alleged breaches has heightened global awareness and concern about the scale and reach of such cyber-attacks.
Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com
