Andre Yoskowitz
13 Sep 2009 18:29
Albert Gonzalez, the 28 year old hacker accused of stealing and reselling over 170 million credit and ATM card numbers, has pleaded guilty this week to identity theft, wire fraud, computer fraud and conspiracy among 20 counts.
Gonzalez will also forfeit his Miami condo, a 2006 BMW 330i, thousands of dollars in jewelry and $2.7 million USD in cash.
Sentencing is set for December 8th, and Gonzalez is expected to be given 20 years, the maximum for his charges.
The hacker stole the credit card numbers using sql injection and packet sniffer malware software to create backdoors into the corporate systems of retailer chains TJX Companies, BJ's Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority and Dave & Buster's. Gonazalez and two other conspirators also used wardriving, hacking using accessible Wi-Fi in retail stores. One of the conspirators is 7-foot-tall Stephen Watt, a Morgan Stanley investment banker who wrote the sniffing programs.
The three hackers would then sell the numbers or encode the data onto magnetic strips of blank ATM cards, using them to withdraw thousands of dollars from ATM machines.
"Technology has forever changed the way we do business, virtually erasing geographic boundaries," U.S. Secret Service Director Mark Sullivan said after the guilty the plea. "However, this case demonstrates that even in the cyber world, there is no such thing as anonymity."
Despite pleading guilty in Massachusetts and New York, there are still charges pending in New Jersey, where Gonzalez is accused of stealing numbers from Hannaford Brothers, 7-Eleven and Heartland Payment Systems, a card payment processing company.