2nd UPDATE: 3 Indicted In Conspiracy To Steal Credit Data
18 August 2009 - 8:22AM
Dow Jones News
A Florida man and two unnamed co-conspirators were charged
Monday with hacking into major commercial computer networks and
stealing data for more than 130 million credit and debit cards, the
largest data theft ever charged in the U.S.
Prosecutors alleged that Albert Gonzalez, 28, of Miami and two
unnamed computer hackers in Russia stole the data by penetrating
computer networks that supported leading American retail and
financial businesses.
Corporations allegedly victimized include Heartland Payment
Systems Inc. (HPY), a New Jersey-based card payment processor;
7-Eleven Inc., a Texas-based nationwide convenience store chain;
and Hannaford Brothers Co., a Maine-based supermarket chain.
Prosecutors also said two other unnamed corporations, both major
national retailers, were hacked. Their identities were not released
because investigations into those data breaches are ongoing, said a
spokesman in the U.S. attorney's office in New Jersey.
Gonzalez, who was charged in a New Jersey federal court, has
been in federal custody since last year and is facing other hacking
charges in Boston and New York that could put him in prison for
life.
He was charged last year in Boston with hacking into the
computer systems of several major retailers, including TJX Cos.
(TJX), BJ's Wholesale Club Inc. (BJ), OfficeMax Inc. (OMX), Boston
Market, Barnes & Noble Inc. (BKS), Sports Authority Inc. (TSA)
and DSW Inc. (DSW).
That theft allegedly netted more than 40 million credit and
debit card numbers. A trial is scheduled for 2010.
Gonzalez also was charged in New York last year with hacking
into the computers of the Dave & Buster's restaurant chain, and
a trial on those charges is scheduled to begin next month in Long
Island.
He is currently being held at a detention center in Brooklyn. A
lawyer for Gonzalez did not return a call for comment.
According to Monday's indictment, Gonzalez, also known as
"segvec," "soupnazi" and "j4guar17," and his co-conspirators
committed the theft from October 2006 to May 2008, and sent the
data to computer servers they operated in California, Illinois,
Latvia, the Netherlands and Ukraine.
Prosecutors alleged that the defendants used sophisticated
techniques to cover their tracks and to avoid detection by the
anti-virus software used by their victims. Michael Norton, a
spokesman for Hannaford Supermarkets, said in a brief statement
that the company was pleased that authorities aggressively pursued
the case and were able to indict the alleged perpetrators.
Representatives for Heartland Payment Systems and 7-Eleven did
not return calls for comment.
-By Brent Kendall, Dow Jones Newswires; 202-862-9222;
brent.kendall@dowjones.com
(Kathy Shwiff contributed to this article.)