Former U.S. Army soldier Cameron John Wagenius pleaded guilty to hacking telecommunication companies and attempting to extort them by threatening to release stolen files, the Department of Justice announced on Tuesday.
According to the DOJ, Wagenius, who went online with the nickname “kiberphant0m,” conspired to defraud 10 victim companies by stealing their login credentials, using brute force attacks and other techniques, and then used Telegram group chats to transfer the stolen credentials and discusses hacks.
Wagenius and his conspirators also attempted to extort their victims in private and in public, including on hacking forums such as the notorious BreachForums. They sold some of the stolen data and also used the stolen credentials to commit other frauds, including SIM swapping victims.
Earlier this year, Wagenius had already pleaded guilty to hacking AT&T and Verizon, a breach that led to him stealing a massive amount of call records.
Wagenius’ sentencing is scheduled for October 6, and he faces 20 years in prison, according to the press release.
If you’re planning to travel internationally this year, you’ll want to have a solid game plan for phone coverage during your trip. There are several options available, including using a foreign SIM or eSIM, or even opting for a special travel SIM plan. For many, the most convenient method is simply using their carrier’s roaming solution, though not all carriers are created equal in this regard.
If your international roaming options are limited, you might be wondering if you can simply connect to an international Wi-Fi network to place phone calls instead. In most cases, the answer is yes, but whether you’re charged for it depends on your carrier’s policies.
Ensuring You Have Wi-Fi Calling
First, it’s important to ensure you have Wi-Fi calling in the first place. The good news is that every major US carrier now offers this feature, even most prepaid providers. However, some carriers may have device restrictions. For example, Cricket typically requires a Cricket-purchased device to use its Wi-Fi calling feature, with only a few exceptions. If you’re unsure whether your carrier supports Wi-Fi calling on your device, be sure to check their terms and conditions.
Will Wi-Fi calling be free internationally?
Once you’ve confirmed that you have Wi-Fi calling, you might be wondering if you can use it for free while traveling internationally. If you’re calling the US, the answer is almost always yes. However, if you’re calling other countries while on an international Wi-Fi connection, you can generally expect a charge.
A look around Reddit makes it clear some travelers have reported being charged for Wi-Fi calls to the US while abroad, and you may have experienced this yourself. While this can happen, in most cases, it can be prevented.
How to avoid charges for Wi-Fi calls to the US while abroad
No one likes unexpected charges. For many prepaid providers, if Wi-Fi calling fails, you simply won’t be able to place the call, which means you’re less likely to face an unexpected fee. However, some prepaid providers can and will charge extra fees to your default billing payment if it aligns with their terms.
Regardless of whether the charge is on a prepaid or postpaid account, the reason behind it is usually the same: If your Wi-Fi call drops without your knowledge, your phone may automatically switch to a roaming network, resulting in charges.
To prevent this, follow these steps:
Turn on Wi-Fi calling before leaving the US. This may seem simple, but if you don’t enable Wi-Fi calling before departure, you likely won’t be able to activate it once abroad. Additionally, avoid turning it off while traveling, as you may not be able to reenable it. Need help? Check out our guide to Wi-Fi calling for exact steps and more details.
Enable Airplane mode. Don’t just turn off your data; instead, activate Airplane mode and then connect to a Wi-Fi network. This ensures your phone won’t attempt to connect to a mobile network if there’s an issue with the Wi-Fi call.
I have an international calling plan; can I use that over Wi-Fi calling?
Let’s say you live in the US and are visiting France. You use Wi-Fi calling to contact a few French businesses. Will you be charged if you already pay for an international calling plan? For nearly every carrier, the answer is yes.
An international calling plan is designed to allow users in the US to call other countries without extra charges. However, if your Wi-Fi connection isn’t US-based, you will likely incur a roaming fee. Some users attempt to bypass this by connecting to a Wi-Fi network through a VPN, but there are no guarantees, and doing so could potentially violate your plan’s terms of service.
Some argue that it shouldn’t matter where you are when using Wi-Fi calling since the traffic is still routed to T-Mobile (or another carrier) the same way. In theory, this means there’s no extra cost to the carrier. However, there’s no real way around it; carriers like T-Mobile benefit from steering users toward purchasing international roaming add-ons.
It’s important to clarify that international calling plans and international roaming plans are not the same. An international calling plan allows you to call other countries from the US, while an international roaming plan enables you to place calls to and from other countries.
If you have an international roaming plan, you shouldn’t see additional charges for Wi-Fi calls, as long as both the numbers you’re calling and receiving calls from are covered under your plan. Of course, if you have an international roaming plan, you can also make calls using your mobile network directly.
What is the best alternative to Wi-Fi calling with your carrier?
Edgar Cervantes / Android Authority
If you don’t have an international calling plan and are looking for a cheap way to make calls while abroad, here are some options:
Use a VoIP service. A Voice over Internet Protocol (VoIP) provider lets you make free Wi-Fi calls to the US from any country. Our top recommendation is Google Voice: it may be more lightweight than other VoIP solutions, but it works well for Wi-Fi calling and offers competitive international rates, some as low as just a few cents per minute.
Check your carrier for add-on roaming plans. Even if your carrier doesn’t offer free roaming, it likely has some kind of international package you can purchase. Many prepaid carriers, including Google Fi, Mint Mobile, and others, offer affordable international add-ons.
Get a local SIM or eSIM. While this requires a tad more effort, the cheapest way to get international roaming service is to use a local SIM or eSIM provider. Many airports sell these through kiosks or small storefronts.
Consider a travel SIM plan. Travel SIMs and eSIMs are typically more expensive than local SIMs but offer greater convenience. You pay a provider for international data, and they partner with local carriers to give you seamless service while you travel.
The best carrier for international travel
Edgar Cervantes / Android Authority
Another option to consider is switching to a carrier where roaming isn’t an issue. For frequent international travelers, Google Fi is arguably the best option, even when compared to the big three carriers. Its Unlimited Plus plan costs just $65 per month or as low as $40 per line for four or more lines.
In addition to unlimited data, you get unlimited texts and data in over 200 countries, which activates instantly the moment you arrive — no changes or hassle required. You can learn more in our Google Fi plans guide or hit up the widget below to sign up for yourself.
Back in October, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) admitted that they were looking into “the unauthorized access to commercial telecommunications infrastructure by actors affiliated with the People’s Republic of China.” These bad actors, collectively called “Salt Typhoon,” allegedly targeted US officials and staffers for the recently concluded presidential elections. A few days later, though, The Wall Street Journal reported that the group had access to a lot more people than originally thought. Basically, the hackers could have accessed the data of any American who’s a customer of AT&T and Verizon. That list of carriers has grown just a bit longer, because according to a new report by The Journal and Reuters, Salt Typhoon had also infiltrated T-Mobile’s network.
The hackers are believed to have exploited various vulnerabilities, such as those plaguing Cisco Systems routers, to get inside the carriers’ network. They also used AI and machine learning, The Journal said, and stayed inside some of the systems they infiltrated for over eight months. That’s enough time to get away with a bunch of sensitive data — they were allegedly able to access the phone lines of US senior national security officials, as well as the call logs and unencrypted texts of their targets. The hackers were also reportedly able to access the information collected by carriers to comply with surveillance requests from the American authorities.
A company spokesperson told The Journal that T-Mobile is “closely monitoring” the attacks and said that its systems and data “have not been impacted in any significant way.” They also said that the carrier didn’t find evidence that its customers’ information has been compromised in the security breach.
We’re almost at the end of 2024, a year that will go down as having seen some of the biggest, most damaging data breaches in recent history. And just when you think that some of these hacks can’t get any worse, they do.
From huge stores of customers’ personal information getting scraped, stolen and posted online, to reams of medical data covering most people in the United States getting stolen, the worst data breaches of 2024 have surpassed the 1 billion stolen records and rising. These breaches not only affect the individuals whose data was irretrievably exposed, but also embolden the criminals who profit from their malicious cyberattacks.
Travel with us to the not-so-distant past to look at how some of the biggest security incidents of 2024 went down, their impact and, in some cases, how they could have been stopped.
AT&T’s data breaches affect “nearly all” of its customers, and many more non-customers
For AT&T, 2024 has been a very bad year for data security. The telecoms giant confirmed not one, but two separate data breaches just months apart.
Although the stolen AT&T data isn’t public (and one report suggests AT&T paid a ransom for the hackers to delete the stolen data) and the data itself does not contain the contents of calls or text messages, the “metadata” still reveals who called who and when, and in some cases the data can be used to infer approximate locations. Worse, the data includes phone numbers of non-customers who were called by AT&T customers during that time. That data becoming public could be dangerous for higher-risk individuals, such as domestic abuse survivors.
That was AT&T’s second data breach this year. Earlier in March, a data breach broker dumped online a full cache of 73 million customer records to a known cybercrime forum for anyone to see, some three years after a much smaller sample was teased online.
But it wasn’t until a security researcher discovered that the exposed data contained encrypted passcodes used for accessing a customer’s AT&T account that the telecoms giant took action. The security researcher told TechCrunch at the time that the encrypted passcodes could be easily unscrambled, putting some 7.6 million existing AT&T customer accounts at risk of hijacks. AT&T force-reset its customers’ account passcodes after TechCrunch alerted the company to the researcher’s findings.
The lengthy downtime caused by the cyberattack dragged on for weeks, causing widespread outages at hospitals, pharmacies and healthcare practices across the United States. But the aftermath of the data breach has yet to be fully realized, though the consequences for those affected are likely to be irreversible. UnitedHealth says the stolen data — which it paid the hackers to obtain a copy — includes the personal, medical and billing information on a “substantial proportion” of people in the United States.
UnitedHealth has yet to attach a number to how many individuals were affected by the breach. The health giant’s chief executive, Andrew Witty, told lawmakers that the breach may affect around one-third of Americans, and potentially more. For now, it’s a question of just how many hundreds of millions of people in the U.S. are affected.
Synnovis ransomware attack sparked widespread outages at hospitals across London
A June cyberattack on U.K. pathology lab Synnovis — a blood and tissue testing lab for hospitals and health services across the U.K. capital — caused ongoing widespread disruption to patient services for weeks. The local National Health Service trusts that rely on the lab postponed thousands of operations and procedures following the hack, prompting the declaration of a critical incident across the U.K. health sector.
A Russia-based ransomware gang was blamed for the cyberattack, which saw the theft of data related to some 300 million patient interactions dating back a “significant number” of years. Much like the data breach at Change Healthcare, the ramifications for those affected are likely to be significant and life-lasting.
One of the NHS trusts that runs five hospitals across London affected by the outages reportedly failed to meet the data security standards as required by the U.K. health service in the years that ran up to the June cyberattack on Synnovis.
Ticketmaster had an alleged 560 million records stolen in the Snowflake hack
A series of data thefts from cloud data giant Snowflake quickly snowballed into one of the biggest breaches of the year, thanks to the vast amounts of data stolen from its corporate customers.
Cencora notifies over a million and counting that it lost their data:
U.S. pharma giant Cencora disclosed a February data breach involving the compromise of patients’ health data, information that Cencora obtained through its partnerships with drug makers. Cencora has steadfastly refused to say how many people are affected, but a count by TechCrunch shows well over a million people have been notified so far. Cencora says it’s served more than 18 million patients to date.
MediSecure data breach affects half of Australia:
Close to 13 million people in Australia — roughly half of the country’s population — had personal and health data stolen in a ransomware attack on prescriptions provider MediSecure in April. MediSecure, which distributed prescriptions for most Australians until late 2023, declared insolvency soon after the mass theft of customer data.
Kaiser shared health data on millions of patients with advertisers:
U.S. health insurance giant Kaiser disclosed a data breach in April after inadvertently sharing the private health information of 13.4 million patients, specifically website search terms about diagnoses and medications, with tech companies and advertisers. Kaiser said it used their tracking code for website analytics. The health insurance provider disclosed the incident in the wake of several other telehealth startups, like Cerebral, Monument and Tempest, admitting they too shared data with advertisers.
USPS shared postal address with tech giants, too:
And then it was the turn of the U.S. Postal Service caught sharing postal addresses of logged-in users with advertisers like Meta, LinkedIn and Snap, using a similar tracking code provided by the companies. USPS removed the tracking code from its website after TechCrunch notified the postal service in July of the improper data sharing, but the agency wouldn’t say how many individuals had data collected. USPS has over 62 million Informed Delivery users as of March 2024.
Evolve Bank data breach affected fintech and startup customers:
A ransomware attack targeting Evolve Bank saw the personal information of more than 7.6 million people stolen by cybercriminals in July. Evolve is a banking-as-a-service giant serving mostly fintech companies and startups, like Affirm and Mercury. As a result, many of the individuals notified of the data breach had never heard of Evolve Bank, let alone have a relationship with the firm, prior to its cyberattack.
National Public Data goes broke after millions of SSNs stolen
The company behind the data broker National Public Data filed for Chapter 11 bankruptcy protection in October, months after a massive data breach exposed some three billion records affecting around 270 million individuals, according to various analyses by security researchers. The data broker allowed its paying customers access to its vast databases of names, dates of birth, email and postal addresses, phone numbers, and Social Security numbers (even if not all of the data was accurate). The company said it had to file for bankruptcy as it can no longer generate the revenue to address the deluge of class-action lawsuits and mounting liability from state and federal regulators.
First published on June 28 and updated on October 14.
AT&T was facing a massive outage today, with service being unable for several hours.
The issue appears to have been resolved, and the service is coming back online.
It seems AT&T was experiencing a widespread outage, with customers across the country not getting a signal. As a result, users were unable to make calls, send messages, or access data. We’re seeing reports on X (formerly known as Twitter) and Reddit and a big spike on DownDetector.
From the user reports, the outage seems to have affected those using eSIMs. Since recent iPhones in the US have been eSIM-only, there is a chance that iPhone users are disproportionately affected. The outage also appears to have been nationwide. Users had been affected for as long as six hours.
Many users are also frustrated by AT&T’s lack of communication regarding the outage, as even stores and customer service were allegedly unaware of the issue. AT&T’s social media handle did not immediately acknowledge the outage, which could be one reason for the frustration.
More recently, though, it seems that the service is coming back online. An AT&T spokesperson gave us the following statement:
We’ve resolved a software issue that disrupted the ability of a limited number of our customers to connect to our wireless network. We apologize for the inconvenience and we appreciate our customers’ patience as we worked to resolve this issue.
Were you affected by the AT&T outage? Let us know in the comments below!
Got a tip? Talk to us! Email our staff at news@androidauthority.com. You can stay anonymous or get credit for the info, it’s your choice.
