Hacker releases call logs of Trump family, Kamala Harris

A hacker has released the phone numbers, allegedly belonging to United States Vice President Kamala Harris and some family members of President-elect Donald Trump, in an extortion bid against American telecom giant AT&T.

The cybercriminal published some call logs on a hacking forum, claiming they belong to First Lady-in-waiting Melania Trump, daughters Ivanka and Tiffany Trump, and a phone number for the iconic Mar-a-Lago resort in Florida.

The call logs are from 2022.

The hacker instructed AT&T to establish contact for negotiations and threatened to release “all presidential government call logs.” In an earlier post, the hackers claimed that AT&T paid ransom to remove surveillance data belonging to the Security Agency (NSA).

India Today’s Open-Source Intelligence (OSINT) team reviewed over 2,000 numbers and call details provided in the sample data tranche and ran some of the numbers in Truecaller, the Swedish app that identifies phone callers.

The app identified three phone numbers as those of ‘Kamala Harris,’ ‘Melania Trump,’ and ‘Ivanka Trump.’ Tiffany’s number, included in the sample, was identified as ‘The Trump Organ.’

Sample data suggests that while Harris often called her spiritual mentor and civil rights leader Amos Brown, Tiffany had frequent calls with her mother and Trump’s second wife, Marla Maples.

US publication The Nightly identified a number as belonging to Harris's campaign co-chair, Cedric Richmond, and reported it briefly spoke to him, indicating that the leaked number could be genuine.

In the past, the hacker, who goes by the name Kiberphantom, leaked data from the public telecommunication company Bharat Sanchar Nigam Limited (BSNL).

LINK TO ARRESTED HACKER

The cybercriminal demanded the release of “Waifu” – one of the handles used by Alexander “Connor” Moucka, who was arrested in Canada last week and is facing extradition to the US. He is accused of extorting some of the world’s largest corporations earlier this year.

Moucka is believed to be the leader of a hacking group that allegedly carried out several data breaches targeting customers of the cloud data storage company Snowflake.

Snowflake hosts massive amounts of data from large companies like AT&T. Reports suggest the cyberattacks accessed or stole data of about 164 customers, including Santander Bank, ticketing site Ticketmaster owner Live Nation Entertainment, and Ticketek owner TEG.

AT&T acknowledged at least two data breaches in March and July 2024. In a statement on July 12, the company said the compromised data includes “files containing AT&T records of calls and texts of nearly all of AT&T’s cellular customers, customers of mobile virtual network operators (MVNOs) using AT&T’s wireless network, as well as AT&T’s landline customers who interacted with those cellular numbers between May 1, 2022, and October 31, 2022.”

“The compromised data also includes records from January 2, 2023, for a very small number of customers,” the company confirmed.