Gonzalez's lawyer to contend he was not the kingpin of Heartland, Hannaford breaches
Damon Patrick Toey was the real leader of those attacks, Gonzalez's counsel says
Computerworld - The attorney for Albert Gonzalez, the man indicted Monday on charges related to the massive data thefts at Heartland Payment Systems and four other retailers, claims it was another member of Gonzalez's gang who was the real leader of the heists.
In an interview with the New York Times, Gonzalez's lawyer, Rene Palomino, said he was prepared to argue that the person who organized the break-ins at Heartland and elsewhere was really Damon Patrick Toey of Miami.
Palomino said Toey is the individual who was identified only as "P.T," an unindicted co-conspirator in Monday's indictment papers. Palomino also told the Times that one of the unnamed Russian conspirators mentioned in the indictment is an individual named Maksym Yastremski, who is currently serving a 30-year sentence in a Turkish prison.
Toey was one of 11 individuals, including Gonzalez, who were indicted last year on charges related to the data thefts at TJX Companies Inc., Dave & Busters, BJ's Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever 21 and DSW.
Court documents associated with those indictments describe Toey as the individual whom Gonzalez relied on to launch SQL injection attacks against various Web servers and databases handling payment card data. Prosecutors have alleged that the same method was used in the data heists for which Gonzalez was indicted on Monday.
Toey pleaded guilty to his involvement in TJX and the other hackings last year and is scheduled to be sentenced in November on those charges. Yastremski was also one of those indicted last year in connection with those breaches. Prosecutors have described Yastremskiy as one of the biggest resellers of stolen payment card data to be ever targeted by the Secret Service.
Gonzalez was indicted in New Jersey on Monday on charges that he was responsible for the data thefts at Heartland, Hannaford Bros., 7-Eleven Inc., and two other unidentified retailers. Federal authorities alleged Gonzalez, who used the online nicknames soupnazi and segvec, masterminded an international operation that stole a staggering 130 million payment cards. Two unidentified Russian citizens were also indicted. Gonzalez, currently in a Brooklyn detention center, was indicted last year in New York and Massachusetts in connection with the breaches at TJX and elsewhere.
The Times article says Gonzalez was close to reaching a "comprehensive plea agreement" with federal prosecutors in Massachusetts and New York, when he was hit with the indictments in New Jersey this week. Prior to those indictments, Gonzalez had been "very close" to accepting responsibility for the crimes he had been charged with last year in return for a prison sentence of around 20 years or so, theTimes quoted Palomino as saying.
In a conversation with Computerworld this morning, Palomino said that he hopes to hammer out a new agreement with prosecutors over the next several weeks that will cover charges in all three indictments . "We're trying to work out one small detail that's left," he said. Attempts to confirm Palomino's comments to the Times were not successful.
Massive data thefts
- Update: Mastermind of TJX, Heartland breaches to plead guilty
- Alleged data-heist kingpin is a computer addict, lawyer says
- Gonzalez's lawyer to contend he was not the kingpin of Heartland, Hannaford breaches
- Hacking kingpin negotiating plea deal with feds
- Three indicted for hack attacks on Heartland, Hannaford
- TJX data breach: At 45.6M card numbers, it's the biggest ever
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
Red Hat Enterprise Linux - The Original Cloud Operating System
Linux adoption is growing against a number of measures, such as the
number of supercomputers that run Linux and the size of the contributing...
- OpenStack Hype vs. Reality: CIO Quick Pulse Open-source architecture can enable IT departments to build infrastructure-as-a-service (IaaS) clouds running on standard hardware.
- Building a Bridge to the Next Generation Data Center Selecting a widely adopted operating system is a foundational component of a standardization strategy.
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Cybercrime and Hacking White Papers | Webcasts