Alexander “Connor” Moucka, the Canadian hacker accused of breaching 165 Snowflake customer accounts, has agreed to be extradited to the U.S. To face multiple federal charges. Moucka consented in writing before a Superior Court judge in Kitchener, Ontario last Friday.
Moucka faces 20 federal charges, including conspiracy to commit computer fraud, unauthorized access to protected computers, wire fraud, aggravated identity theft, and transmitting threats designed to compromise confidential information. The extradition was first reported by CyberScoop on March 24.
Operating under online aliases like “Judische” and “Waifu”. Moucka allegedly bragged on Telegram about hacking victims before the breaches were publicly confirmed. The bold claims drew the attention of cybersecurity researchers and law enforcement.
A forensic investigation by Google’s Mandiant found that the attackers exploited previously compromised credentials to infiltrate the Snowflake accounts. High-profile victims of the breach included Ticketmaster, Advanced Auto Parts, Neiman Marcus, State Farm, AT&T, and several others.
Moucka is believed to be connected to “The Com”, an underground cybercriminal network known for engaging in extortion, data theft, and hacking campaigns. U.S. prosecutors allege that Moucka worked with two co-conspirators, John Binns and Cameron Wagenius.
Wagenius was arrested in Texas on December 20 and charged with unlawful transfer of confidential phone records. Using the alias “Kiberphant0m”, he was suspected of leaking presidential call logs sourced from AT&T and Verizon.
Authorities believe this cybercrime ring used stolen credentials to infiltrate sensitive systems, steal confidential data, and extort major corporations, all while operating within online forums and Telegram channels.
Moucka’s consent to extradition signals a significant development in the ongoing investigation into the Snowflake breaches and related cybercrime activities. If convicted, he faces severe penalties under U.S. federal law.
The case underscores growing concerns over credential-stuffing attacks, insider leaks, and cyber extortion rings targeting U.S. companies and infrastructure — threats that continue to escalate in frequency and impact.
