Canadian authorities have arrested Alexander “Connor” Moucka, the alleged hacker behind a series of breaches affecting customers of Snowflake Inc., a major cloud data services provider.
The arrest was made on October 30 following a provisional warrant request by U.S. officials as reported by
Bloomberg and
404 Media. Moucka, who also goes by the aliases “Judische” and “Waifu,” is accused of orchestrating a string of high-profile hacks affecting at least 165 Snowflake accounts, exposing millions of individuals' personal data from major companies, including
AT&T,
Ticketmaster, and
Advance Auto Parts.
The hacks reportedly involved the misuse of compromised login credentials that Moucka allegedly obtained from cybercriminal forums. Many affected companies did not employ multi-factor authentication (MFA), making them more vulnerable to these hacking attempts.
Intel471 has further reported that Moucka was an active participant in underground cybercrime forums where he allegedly used multiple pseudonyms, including “ellyel8,” to engage in a range of illicit activities. This persona has been linked to a group known as “The Com,” a network of loosely associated hackers known for widespread cyber attacks, SIM-swapping schemes, and identity theft. This group is reported to be behind several significant hacks in recent years, leveraging stolen credentials to gain access to sensitive corporate and personal data.
The extensive breaches linked to Snowflake began surfacing in May 2024, when companies that use Snowflake infrastructure started disclosing unauthorized access incidents. Security firm
Mandiant foundthat infostealer malware like Vidar and RedLine had captured login credentials that were later resold on cybercrime marketplaces. These stolen credentials were subsequently used to access customer accounts that lacked MFA, enabling unauthorized access to massive data stores.
Moucka's alleged breaches affected high-profile clients, and he or his associates even offered to sell large datasets on forums, advertising the stolen data for as much as $20 million in one instance.
Despite repeated inquiries, neither Canadian nor U.S. authorities, including the Royal Canadian Mounted Police, FBI, and U.S. Department of Justice, have officially commented on the case. The lack of formal statements underscores the confidential nature of the ongoing investigation, though Canadian authorities did confirm Moucka's arrest.
The case against Moucka remains under development, and more information should become available as soon as the case enters the legal proceedings phase, with possible extradition to the United States on the horizon.
