Gonzalez accomplice gets five years for hacking TJX
IDG News Service - Ending a chapter in one of the worst hacking cases in U.S. history, a federal judge handed down a five-year sentence Thursday to a 25-year-old man who helped steal tens of millions of credit card numbers.
Damon Patrick Toey had already pleaded guilty to charges that he sold batches of stolen credit card data, called dumps, on behalf of convicted hacker Albert Gonzalez and helped him infiltrate the systems of a number of companies. Gonzalez was sentenced last month to 20 years in prison, the longest sentence ever handed down in the U.S. for a computer crime.
Operating out of a Miami condominium owned by Gonzalez, Toey worked in a hacking ring that broke into systems belonging to a number of U.S. retailers, as well as Heartland Payment Systems, a major processor of U.S. credit card transactions.
Toey was sentenced by U.S. District Judge William Young in federal court in Boston. After serving his five-year sentence, he will undergo three years of supervised release. He must also pay a $100,000 fine.
Gonzalez led a crew of hackers who broke into networks by hacking wireless access points and then later used SQL injection attacks to access corporate databases via the Web. They broke into companies that included TJX, Office Max, Barnes & Noble and Dave & Buster's, ultimately selling millions of credit card numbers to Russian criminals and using some of the data to make unauthorized ATM withdrawals.
Toey is the last of six U.S. men to be sentenced in connection with the hacking. The group's offshore accomplices have not been arrested.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts