"J4guar17" a/k/a "Soupnazi" a/k/a Super Hacker Albert Gonzalez Pleads Guilty to One of the Largest Data Thefts in U.S. History
Once again demonstrating the massive potential for crime created by our digital age, 28 year-old Albert Gonzalez pled guilty to two counts of conspiracy to gain unauthorized access to payment card networks last week in the U.S. District Court for the District of New Jersey according to a DOJ press release. Gonzalez was charged with hacking into the computer networks of major financial and retail organizations and stealing data on tens of millions of credit cards and debit cards, in one of the largest data breaches in U.S. history. He gained unauthorized access to the payment card networks of New Jersey-based, Heartland Payment Systems; Texas-based convenience store chain 7-Eleven; and Hannaford Brothers Co. Inc., a Maine-based supermarket chain. He was indicted in New Jersey in August 2009. In September 2009, Gonzalez also pled guilty in the U.S. Distric Court for the District of Massachusetts to 19 counts of conspiracy, computer fraud, wire fraud, access device fraud and aggravated identity theft for hacking into retailers including TJX Companies, BJ’s Wholesale Club, OfficeMax, Boston Market, Barnes & Noble and Sports Authority. In the same month, he pled guilty to a count of conspiracy to commit wire fraud for hacking into the system of Dave and Buster's, a restaurant chain, in the U.S. District Court for the Eastern District of New York.
Gonzalez had several servers, or "hacking platforms," and would give access to the servers to other hackers. Gonzalez and others would use the platforms to store malicious software, or "malware," in launching attacks on their victims. Gonzalez's plea agreement states that it was forseeable that Gonzalez and his co-conspirators would have used the malware to steal tens of millions of credit and debit card numbers, affecting more than 250 financial institutions.
Gonzalez tested malware by running multiple anti-virus programs in an attempt to ascertain if the programs detected the malware. According to information in the plea agreement, it was foreseeable to Gonzalez that his co-conspirators would use malware to Gonzalez was indicted in New Jersey in August 2009 for this criminal conduct. His plea agreement provides for a sentence of imprisonment between 17 and 25 years. He is scheduled to be sentenced in the Massachusetts, New York and New Jersey cases in March.
The charges against Gonzalez are staggering in their scope. They also demonstrate that would-be cybercriminals should consider their online aliases carefully, as they may resurface in a Federal indictment, as in the case of Albert Gonzalez a/k/a "j4guar17" a/k/a "soupnazi," etc.
