Hacking kingpin negotiating plea deal with feds
Gonzalez's attorney, U.S. working to hammer out plea deal to cover three indictments
Computerworld - The former government informant facing three separate indictments for allegedly being behind the largest data breaches in U.S. history is being offered a plea deal, U.S. and defense attorneys confirmed today.
The plea negotiations with Albert Gonzalez, 28, of Miami, who was indicted Monday for the third time in connection with major data breaches, were confirmed by a source inside the U.S. Department of Justice, who asked not to be identified, and Attorney Rene Palomino of Miami, who's representing Gonzalez.
Palomino said he hopes to reach an agreement with prosecutors that covers charges in all three indictments over the next several weeks. "We're trying to work out one small detail that's left," he said.
In the latest indictment, handed down by a federal grand jury in New Jersey, Gonzalez and two accomplices were charged with running an international scheme to steal more than 130 million credit and debit card numbers, as well as personal identifying information from five companies, including Heartland Payment Systems, 7-Eleven and Hannaford Bros.
Gonzalez was also indicted by grand juries in the Eastern District of New York on May 12, 2008, and the District of Massachusetts on Aug. 5, 2008, on charges related to separate data breaches at TJX, Dave & Buster's, BJ's Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever 21 and DSW.
Before the Heartland hack was disclosed, the TJX breach had been considered the largest ever, with 45.6 million credit and debit card numbers stolen.
An all-encompassing deal would mean that the government would not have to put on three separate criminal trials.
Right now, Gonzalez is being held in a detention center in Brooklyn, N.Y., awaiting a scheduled September trial for the Dave & Buster's breach. If no deal is reached, he then would face a separate trial in Massachusetts and a third one in New Jersey.
Palomino, who claims his client suffers from computer addiction, today said that he had been negotiating a plea deal with prosecutors even before the New Jersey indictment was announced yesterday. "This New Jersey indictment is nothing new," he added. "We knew something was coming out, and it was always part of the negotiations."
Gonzalez became an informant for the U.S. Secret Service after his 2003 arrest in New Jersey on charges of ATM and debit card fraud, according to another DOJ official, who also asked not to be named.
In 2004, Gonzalez provided information that helped the U.S. Attorney's Office in Newark, N.J., bust up what at the time was one of the largest online centers for stolen identity and credit card information. The online underground marketplace, dubbed the Shadowcrew, was charged with trafficking more than 1.5 million stolen credit and ATM card numbers.
While Gonzalez was cooperating with the government, he allegedly was working with different hacker groups to steal millions of credit and debit card numbers, along with personally identifying information.
Assistant U.S. Attorney Erez Liebermann, who is prosecuting the case against Gonzalez in New Jersey, said that in addition to his alleged hacking skills, Gonzalez is a great organizer. He noted that Gonzalez is alleged to have worked with a different crew in each of the three incidents he has been indicted for.
Massive data thefts
- Update: Mastermind of TJX, Heartland breaches to plead guilty
- Alleged data-heist kingpin is a computer addict, lawyer says
- Gonzalez's lawyer to contend he was not the kingpin of Heartland, Hannaford breaches
- Hacking kingpin negotiating plea deal with feds
- Three indicted for hack attacks on Heartland, Hannaford
- TJX data breach: At 45.6M card numbers, it's the biggest ever
Read more about Government IT in Computerworld's Government IT Topic Center.
- 18 Hot IT Certifications for 2014
- CIOs Opting for IT Contractors Over Hiring Full-Time Staff
- 12 Best Free iOS 7 Holiday Shopping Apps
- For CMOs Big Data Can Lead to Big Profits
- Slideshow: 5 ways to lock down your mobile device
- Slideshow: 10 mistakes companies make after a data breach
- How to rob a bank: A social engineering walk through
- Which smartphone is the most secure?
If you think getting it right from day one is always what matters, you probably haven't been following technology too closely.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Mitigating DDoS Attacks with F5 Technology
- This document examines various DDoS attack methods and the application of specific ADC technologies to block attacks in the DDoS threat spectrum while...
- The DDoS Threat Spectrum
- Bolstered by favorable economics, today's global botnets are using distributed denial-of-service (DDoS) attacks to target firewalls, web services, and applications, often simultaneously.
- Defending Against Denial of Service Attacks
- By utilizing end-user interviews, this whitepaper explores a deeper understanding of DDoS defense plans and reveals the knowledge gaps around the Denial of...
- Strategic Solutions for Government IT
- This paper outlines why F5 is the optimum partner to help achieve the levels of security, performance and availability that are vital to...
- Osterman White Paper: The Need for Enterprise-Grade File Transfer
- Key trends in file transfer All Government IT White Papers
- Modernizing SAP environments with minimum risk - a path to Big Data Hear from top IDC analyst, Richard Villars, about the path you can start taking now to enable your organization to get the benefits...
- The Power of the Citrix Mobility Solution, XenMobile Does everything become a smartphone? Or does the smartphone begin to do everything? How can we afford to support BYOD? Rather, how can...
- BYOD Happens: How to Secure Mobility How to navigate the journey of securing mobility, including the BYOD corruption of IT, the top ten mobility strategies, and the mobility management...
- Fighting Fraud Videos: IBM Intelligent Investigation Manager Short videos about IBM Intelligent Investigation Manager (IIM) for Fraud. IIM optimizes the investigation of fraud for customers across many industries in both...
- IBM Intelligent Investigation Manager: Online Product Demo Intelligent Investigation Manager optimizes fraud investigation and analysis and it dynamically coordinates and reports on cases, provides analysis and visualization, and enables more...
- All Government IT Webcasts
Does your organization offer extensive benefits, cool perks, competitive salaries, opportunities for training and advancement? Then get it recognized!
Nominate your company or another deserving organization for Computerworld's 2014 Best Places to Work in IT list now through Dec. 20, 2013.