Hacking kingpin negotiating plea deal with feds
Gonzalez's attorney, U.S. working to hammer out plea deal to cover three indictments
Computerworld - The former government informant facing three separate indictments for allegedly being behind the largest data breaches in U.S. history is being offered a plea deal, U.S. and defense attorneys confirmed today.
The plea negotiations with Albert Gonzalez, 28, of Miami, who was indicted Monday for the third time in connection with major data breaches, were confirmed by a source inside the U.S. Department of Justice, who asked not to be identified, and Attorney Rene Palomino of Miami, who's representing Gonzalez.
Palomino said he hopes to reach an agreement with prosecutors that covers charges in all three indictments over the next several weeks. "We're trying to work out one small detail that's left," he said.
In the latest indictment, handed down by a federal grand jury in New Jersey, Gonzalez and two accomplices were charged with running an international scheme to steal more than 130 million credit and debit card numbers, as well as personal identifying information from five companies, including Heartland Payment Systems, 7-Eleven and Hannaford Bros.
Gonzalez was also indicted by grand juries in the Eastern District of New York on May 12, 2008, and the District of Massachusetts on Aug. 5, 2008, on charges related to separate data breaches at TJX, Dave & Buster's, BJ's Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever 21 and DSW.
Before the Heartland hack was disclosed, the TJX breach had been considered the largest ever, with 45.6 million credit and debit card numbers stolen.
An all-encompassing deal would mean that the government would not have to put on three separate criminal trials.
Right now, Gonzalez is being held in a detention center in Brooklyn, N.Y., awaiting a scheduled September trial for the Dave & Buster's breach. If no deal is reached, he then would face a separate trial in Massachusetts and a third one in New Jersey.
Palomino, who claims his client suffers from computer addiction, today said that he had been negotiating a plea deal with prosecutors even before the New Jersey indictment was announced yesterday. "This New Jersey indictment is nothing new," he added. "We knew something was coming out, and it was always part of the negotiations."
Gonzalez became an informant for the U.S. Secret Service after his 2003 arrest in New Jersey on charges of ATM and debit card fraud, according to another DOJ official, who also asked not to be named.
In 2004, Gonzalez provided information that helped the U.S. Attorney's Office in Newark, N.J., bust up what at the time was one of the largest online centers for stolen identity and credit card information. The online underground marketplace, dubbed the Shadowcrew, was charged with trafficking more than 1.5 million stolen credit and ATM card numbers.
While Gonzalez was cooperating with the government, he allegedly was working with different hacker groups to steal millions of credit and debit card numbers, along with personally identifying information.
Assistant U.S. Attorney Erez Liebermann, who is prosecuting the case against Gonzalez in New Jersey, said that in addition to his alleged hacking skills, Gonzalez is a great organizer. He noted that Gonzalez is alleged to have worked with a different crew in each of the three incidents he has been indicted for.
Massive data thefts
- Update: Mastermind of TJX, Heartland breaches to plead guilty
- Alleged data-heist kingpin is a computer addict, lawyer says
- Gonzalez's lawyer to contend he was not the kingpin of Heartland, Hannaford breaches
- Hacking kingpin negotiating plea deal with feds
- Three indicted for hack attacks on Heartland, Hannaford
- TJX data breach: At 45.6M card numbers, it's the biggest ever
Read more about Government IT in Computerworld's Government IT Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
If you use ‘password,’ one the worst passwords, as your password, fail to keep antivirus protection updated and don’t bother to deploy security patches to close critical vulnerabilities, then maybe you should consider working for the cybersecurity-clueless federal government; you’d fit right in, according to Senator Tom Coburn's cybersecurity and critical infrastructure report.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Changing the Way Government Works: Four Technology Trends that Drive Down Costs and Increase Productivity
- This paper discusses four technology-based approaches to improving processes and increasing
productivity while driving down department and agency costs.
- Mobile Policy Checklist
- Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Mobile Applications Case Study: 8 Billion Transactions a Day
- The story documents how the online brokerage company tradeMONSTER created a custom mobile app and the success gleaned from this initiative. Also covered...
- Who's afraid of the big (data) bad wolf? Survive the big data storm by getting ahead of integration and governance functional requirements
- This paper provides a detailed review of the best practices clients should consider before embarking on their big data integration projects.
- Understanding big data so you can act with confidence
- Automating information integration and governance and employing it at the point of data creation helps organizations boost confidence in their big data. All Government IT White Papers
- Mobile Apps and Devices Slash Customer Cycle Time Consolidated Engineering Laboratories' field employees used to collect data on triplicate forms that were sometimes hard to read and difficult to manage. After...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources...
- Testimonial: Cystic Fibrosis Trust Peter Hawkins, the Head of IT for Cystic Fibrosis Trust, discusses the role CommVault's Simpana software platform plays in improving the company's information...
- PST Archiving: What is it and How is it Done? Learn more about what PST data is, the risks relating to it, and how the new PST Archiving feature in the Simpana 10...
- How to Select the Right IoT Platform We are rapidly entering a world where almost everything will be connected to the cloud and managing these connected things and leveraging the...
- All Government IT Webcasts