Gonzalez's lawyer to contend he was not the kingpin of Heartland, Hannaford breaches

Computerworld - The attorney for Albert Gonzalez, the man indicted Monday on charges related to the massive data thefts at Heartland Payment Systems and four other retailers, claims it was another member of Gonzalez's gang who was the real leader of the heists.

In an interview with the New York Times, Gonzalez's lawyer, Rene Palomino, said he was prepared to argue that the person who organized the break-ins at Heartland and elsewhere was really Damon Patrick Toey of Miami.

Palomino said Toey is the individual who was identified only as "P.T," an unindicted co-conspirator in Monday's indictment papers. Palomino also told the Times that one of the unnamed Russian conspirators mentioned in the indictment is an individual named Maksym Yastremski, who is currently serving a 30-year sentence in a Turkish prison.

Toey was one of 11 individuals, including Gonzalez, who were indicted last year on charges related to the data thefts at TJX Companies Inc., Dave & Busters, BJ's Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever 21 and DSW.

Court documents associated with those indictments describe Toey as the individual whom Gonzalez relied on to launch SQL injection attacks against various Web servers and databases handling payment card data. Prosecutors have alleged that the same method was used in the data heists for which Gonzalez was indicted on Monday.

Toey pleaded guilty to his involvement in TJX and the other hackings last year and is scheduled to be sentenced in November on those charges. Yastremski was also one of those indicted last year in connection with those breaches. Prosecutors have described Yastremskiy as one of the biggest resellers of stolen payment card data to be ever targeted by the Secret Service.

Gonzalez was indicted in New Jersey on Monday on charges that he was responsible for the data thefts at Heartland, Hannaford Bros., 7-Eleven Inc., and two other unidentified retailers. Federal authorities alleged Gonzalez, who used the online nicknames soupnazi and segvec, masterminded an international operation that stole a staggering 130 million payment cards. Two unidentified Russian citizens were also indicted. Gonzalez, currently in a Brooklyn detention center, was indicted last year in New York and Massachusetts in connection with the breaches at TJX and elsewhere.

The Times article says Gonzalez was close to reaching a "comprehensive plea agreement" with federal prosecutors in Massachusetts and New York, when he was hit with the indictments in New Jersey this week. Prior to those indictments, Gonzalez had been "very close" to accepting responsibility for the crimes he had been charged with last year in return for a prison sentence of around 20 years or so, theTimes quoted Palomino as saying.

In a conversation with Computerworld this morning, Palomino said that he hopes to hammer out a new agreement with prosecutors over the next several weeks that will cover charges in all three indictments . "We're trying to work out one small detail that's left," he said. Attempts to confirm Palomino's comments to the Times were not successful.

Read more about cybercrime and hacking in Computerworld's Cybercrime and Hacking Knowledge Center.