Gonzalez sentenced to 20 years for Heartland break-in

Update: Term to run concurrently with 20-year terms from two other cases Thursday

Hacker Albert Gonzalez, who participated in a cybercrime ring that stole tens of millions of credit and debit card numbers, was sentenced Friday in U.S. District Court to 20 years in prison.

The sentence, imposed by U.S. District Court Judge Douglas P. Woodlock, was for Gonzalez's role in a hacking ring that broke into computer networks of Heartland Payment Systems, which processed credit and debit card transactions for Visa and American Express, Hannaford Supermarkets and 7-Eleven.

The sentence is actually 20 years and one day, owing to the need to deal with peculiarities in sentencing statutes, because Woodlock had to take into account that Gonzalez was on pretrial release for an unrelated crime when he took up with the international network of hackers responsible for the security breaches.

He was at the time supposed to be serving as an informant for the U.S. Secret Service, but he double-crossed the agency, supplying a co-conspirator with information obtained as part of those investigations.

"I am guilty of these crimes ... I accept full responsibility for these actions," Gonzalez said at the sentencing, reiterating what he said Thursday about "exploiting" his relationship with a government agency, though he did not name it.

He also referred to the "dishonor" he brought to his parents and their home, where he buried more than $1 million in the backyard. He forfeited that money, as well as other goods, when he was arrested.

"I plead for leniency," he said. "I understand that the road to redemption is going to be long for me," adding that it was his hope, however, that he would be able to be on that road someday.

The sentence will run concurrently with two other 20-year concurrent sentences meted out Thursday, also in the U.S. District Court for the District of Massachusetts, by a different federal judge, Patti B. Saris.

Gonzalez pleaded guilty in all three cases last December, with the U.S. Department of Justice agreeing to seek no more than 25 years in prison in each case, all to run concurrently.

Gonzalez, 28, was living in Miami at the time of the crimes in the three cases, which occurred over almost two years before he was arrested in May of 2008 and subsequently indicted in New York, New Jersey and Massachusetts, with the cases eventually being moved to the same federal court jurisdiction.

Besides the companies targeted in the case heard Friday, a ring that Gonzalez led hacked into computer networks of major retailers including TJX, DSW, Barnes & Noble, Office Max and Dave & Buster's.

1 2 3 Page
FREE Computerworld Insider Guide: IT Certification Study Tips
Editors' Picks
Join the discussion
Be the first to comment on this article. Our Commenting Policies