Former Barclays programmer gets four years for role in TJX attacks
Zaman pleaded guilty to helping Gonzalez gang launder money from data theft scheme
Computerworld - A former Barclays Bank programmer who helped launder money for the mastermind behind the data thefts at TJX Companies Inc. and other retailers was sentenced to four years in prison by a federal court in Boston on Thursday.
Humza Zaman, 33, was also ordered to pay a fine of $75,000 and will be under three years of court supervision upon his release.
Zaman last April had pleaded guilty to a one-count indictment charging him with a litany of offenses, including money laundering, unlawful access to computers, identity theft and wire fraud. Zaman's sentence is due to begin on April 12.
Court papers said Zaman helped Albert Gonzalez, the leader of the criminal gang behind the TJX attacks, launder $600,000 to $800,000 in stolen money. Zaman is believed to have received about 10% of the total for his effort.
Gonzalez was one of 11 individuals arrested in August 2008 in connection with the massive data thefts at TJX, BJ's Wholesale Clubs Inc. and numerous other retailers. In all, Gonzalez and his gang are believed responsible for stealing data more than 130 million credit and debit cards over a six-year period going back to 2003.
Gonzalez, who is from Miami, last year pleaded guilty to his role in the attacks and is awaiting sentencing. Under the terms of a plea agreement with federal prosecutors, Gonzalez will receive a minimum sentence of 17 years in prison.
According to court papers, Zaman's role in the operation was limited to helping Gonzalez repatriate proceeds from the sale and use of stolen credit card data. Gonzalez would often have money sent to a bank account in Latvia, and Zaman would arrange to have the money sent back to the U.S.
At one time, for example, Zaman used ATM cards linked to several fictitious accounts to withdraw more than $38,000 from Gonzalez's Latvian bank account. He then sent the money to Gonzalez, after keeping a 10% cut. Zaman also traveled from New York to California on multiple occasions to meet with an individual who would give him between $100,000 and $250,000 in cash. After taking his cut, Zaman would put the money in Federal Express boxes and ship it to Gonzalez using a fictitious name, the court papers said.
In March 2008, Zaman, who was working at Barclays at the time, sent a copy of the bank's ATM transaction log to Gonzalez to see if it would be of any value to his gang. That data, however, appears never to have been used by the gang, the court papers noted.
In recommending a 46-month sentence for his actions, prosecutors noted that Zaman "incontrovertibly knew that Gonzalez was a major hacker who profited handsomely from identity theft from major corporations." However, there is no evidence to show that Zaman participated in any of the intrusions or knew of their scope.
In a presentencing memo, prosecutors described Zaman as an individual with a normal childhood who read a lot, had a lot of friends and was a member of numerous after-school clubs. Between 1999 and the time of his arrest in March 2009, Zaman progressed through a "series of jobs with increasing responsibility" and saw his annual salary increase from $30,000 to more than $130,000 plus bonuses. However, a lifestyle characterized by partying and the use of expensive recreational drugs meant that Zaman "needed cash beyond his six-figure legitimate income," the memo noted.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
- University of North Florida breach exposes data on 107,000 individuals
- Zeus Trojan bust reveals sophisticated 'money mules' operation in U.S.
- GAO slams White House for failing to lead on cybersecurity
- Man charged with attack on Web site of Fox News' Bill O'Reilly
- Heartland breach expenses pegged at $140M -- so far
- IT contractor gets five years for $2M credit union theft
- Democracy would suffer if Google left China, says MIT panel
- Gonzalez accomplice gets five years for hacking TJX
- Threat of cyberattacks from overseas high, federal IT execs say
- Botnets 'the Swiss Army knife of attack tools'
Read more about Security in Computerworld's Security Topic Center.
- Troubleshooting Common Issues in VoIP Learn more about Voice over Internet Protocol (VoIP), including common VoIP metrics used, best practices in VoIP management and tips and tricks for...
- 2013 Network Management Software (NMS) Buyers Guide This white paper contains an independent comparison study of six different network management solutions and provides guidance on how you can choose the...
- Rightsizing Your Network Performance Management Solution: 4 Case Studies This white paper discusses challenges encountered as organizations search for the most cost-effective network performance management solution.
- Global Growing Pains: Tapping into B2B Integration Services to Overcome Global Expansion Challenges A recent survey by IDG Research explored both the challenges and pain points companies face when growing globally, as well as the capabilities...
- E-Signature RFP Checklist Webcast If your organization is looking to adopt e-signatures, you may be overwhelmed by the number of providers that offer seemingly similar solutions. How...
- Cloud and Collaboration: Driving Your Business Value Mission Critical Cloud from Peer 1 Hosting is enterprise-grade. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!