14 DAY TRIAL // Albert Gonzales, the most prolific credit card thief in history, was sentenced to twenty years in a federal prison yesterday. The sentence is only for the 2005 attacks against TJX, Office Max, Barnes & Noble, Dave & Busters and a few other retailers; however, the hacker is also awaiting sentencing in a different case.
According to the authorities, Gonzales and his gang stole data for over 90 million credit and debit cards, causing more than $200 million in damages and affecting a total number of people bigger than the population of some large cities. Wired reports that U.S. District Judge Patti Saris, who delivered the sentence on Thursday in Boston, settled on 20 years after the prosecution pushed for the maximum of 25 and the defense proposed 15.
The judge only fined him $25,000, but that's because the amount he will be ordered to pay at an upcoming hearing will probably be in the order of tens of millions of dollars. "You’re never possibly going to be paying back all the restitution that’s going to be ordered,” the judge told Gonzales, when sentencing him.
Albert Gonzales, now 28, began his cyber-criminal life on underground forums where hackers exchange stolen credit card information and other personal information. Authorities arrested Gonzales in New York in 2003 for using fraudulent cards to withdraw cash from ATMs, but released him in exchange for his assistance in bringing down other carders.
Following a successful sting operation instrumented with his help, the U.S. Secret Services hired him as deliverer of paid information on a $75,000/year salary. However, Gonzales secretly resumed his old habits and using a different online identity, started planning what was to become the largest identity theft operation in history.
After breaching the computer network at TJX, one of the largest retail groups in the world, the hacker and his associates planted a sniffer program that siphoned credit card data passing through it in real-time. Similar information was also stolen from the networks of other retailers and uploaded to servers in Eastern Europe.
In addition, the hacker will be sentenced today for his instrumental role in a different case involving breaches at Heartland Payment Systems, Hannaford Brothers, 7-Eleven and others, which resulted in an additional 130 million credit cards being stolen. The charges related to these hacks, to which Gonzales already pleaded guilty last year, carry a possible sentence of between 17 and 25 years in prison. However, it will be served concurrently with the 20-year one.