28-year old former FBI Informant Albert Gonzalez has pleaded guilty to 20 federal charges that identify him as the brain behind what now stands as the biggest identity theft in US history.
The hacker, who lives in Miami, could face up to a minimum of 15 years in prison although the jury could increase this by 10 extra years. In addition, Gonzalez has been forced to return two million dollars, his Miami apartment, a 2006 BMW 330i, a Tiffany diamond ring and Rolex watches.
His hacks involved sifting through the databases of some major US retailers (like TJX Companies - which owns popular clothes retailer TK Maxx, BJ's Wholesale Club, OfficeMax, Boston Market, Barnes & Noble and Sports Authority) and steal details of more than 40 million credit cards.
For that he used sophisticated "sniffer" applications as well as driving around its targets like retail stores to look for unsecured wireless network access points to penetrate the retailers' systems and download payment data.
But a bigger charge could add to the woes of Mr Gonzalez and his two other Russian collaborators. It is claimed that they stole credit and debit card details of 130 million users from payment processors including Heartland Payment Systems, 7-Eleven Inc., and Hannaford Brothers Co. Inc.
In a statement to the press, the Justice Department commented that "Gonzalez and his co-conspirators sold the numbers to others for their fraudulent use and engaged in ATM fraud by encoding the data on the magnetic stripes of blank cards and withdrawing tens of thousands of dollars at a time from ATMs".
This case reminds us of the Gary McKinnon's. The Scottish hacker could face 70 years in a federal prison while Gonzalez, for all the harm he and his henchmen did to millions, face 25 years. McKinnon got nothing out of his hacks except the adrenaline whereas Gonzalez probably still has a few millions stashed around. Ironically, Gonzalez was once an informant for the FBI.