Skip the navigation
News

Three indicted for hack attacks on Heartland, Hannaford

Largest data breach conspiracy hit 5 companies, led to theft of 130M credit card numbers

August 17, 2009 03:00 PM ET

Computerworld - A Miami man and two Russians today were indicted by a grand jury in New Jersey on charges of conspiring to commit some of the largest data breaches in U.S. history.

Albert Gonzalez, 28, and the two still-unnamed Russian citizens are charged with running an international scheme to steal more than 130 million credit and debit card numbers along with personally identifying information from five companies, including Heartland Payment Systems Inc., 7-Eleven Inc. and Hannaford Brothers Co. The two other companies were not named in the indictment because their breaches have not yet been made public.

"This represents another major step forward in our efforts to prosecute individuals responsible for these major data breaches," said Assistant U.S. Attorney Erez Liebermann, who is prosecuting the case with Assistant U.S. Attorney Seth Kosto. "It also further illustrates the ability of the U.S. to work with foreign law enforcement in these international cases and track down people even when they use sophisticated means."

The data breach at Heartland, which is based in Princeton, N.J., is considered to be one of the largest breaches involving credit cards ever reported in the U.S. Heartland said earlier this year that it has already spent or set aside more than $12.6 million to cover costs related to the intrusion there.

The data breach at Hannaford resulted in the reported theft of up to 4.2 million credit and debit card numbers from the company's systems.

Gonzalez, who is being held in a detention center in Brooklyn, N.Y., was indicted in the Eastern District of New York on May 12, 2008, and the District of Massachusetts on August 5, 2008, for his alleged involvement in separate conspiracies relating to data breaches at TJX Companies, Dave & Busters, BJ's Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever 21 and DSW.

Before that, Gonzalez was arrested in New Jersey in 2003 on charges of ATM and debit card fraud.

Liebermann said he could not comment on the status of the others charged in the conspiracy.

The three are charged with conspiracy to gain unauthorized access to computers, conspiracy to commit fraud in connection with computers, and conspiracy to damage computers. They also are charged with conspiracy to commit wire fraud.

Each of the three faces up to 35 years in federal prison and a fine of $1.25 million.

Read more about Government IT in Computerworld's Government IT Topic Center.



Our Commenting Policies
Blog Spotlight
Sharky

Staff member at a senior center calls this pilot fish, complaining that her printer won't work. And since she's the kind of user who thinks computers just get in the way of getting her job done, fish has his work cut out for him.

Sharky
Sharky