Former U.S. Army soldier Cameron John Wagenius pleaded guilty on Tuesday to conspiracy to commit wire fraud, extortion in connection with computer fraud and aggravated identity theft after admitting he hacked telecommunications companies and tried to ransom their data, the Justice Department said. Prosecutors said that between April 2023 and Dec. 18, 2024, Wagenius—using the alias “kiberphant0m”—and unnamed co-conspirators used a tool called “SSH Brute” and other methods to steal login credentials from at least 10 telecom providers, including AT&T and Verizon. The group threatened to publish or sell the stolen information on forums such as BreachForums and XSS.is unless the companies paid. The scheme sought at least $1 million and some of the stolen data was sold, with proceeds allegedly funding additional crimes such as SIM-swapping, according to court filings. Wagenius had already admitted in a separate case to unlawfully transferring confidential phone records obtained in the hacks. Sentencing is set for Oct. 6 in federal court in the Western District of Washington. Wagenius faces up to 20 years in prison for the wire-fraud conspiracy, up to five years for computer-related extortion and a mandatory consecutive two-year term for identity theft. The FBI and the Defense Criminal Investigative Service led the investigation, assisted by the U.S. Army Criminal Investigative Division.