Hacker pleads after busted with 675K stolen cards

A Georgia man has pleaded guilty to fraud and identity theft after authorities found him in possession of more than 675,000 credit card numbers, some of which he obtained by hacking into business networks.

Rogelio Hackett Jr. pleaded guilty on Thursday to one count each of access device fraud and aggravated identity theft after authorities executed a search warrant at his home and discovered the card numbers, used to conduct fraudulent transactions totaling more than $36 million, on his computers and storage devices.

According to the indictment, authorities hunted Hackett down after monitoring his activity in internet relay chat (IRC) rooms and on underground forums, where he sold stolen card numbers, usually at $20 to $25 each to buyers around the world. He used the proceeds to make high-end purchases, such as a 2001 BMW X5 and a pair of $450 Louis Vuitton shoes.

In addition, Hackett was charged with obtaining devices used to create counterfeit credit cards.

According to prosecutors, Hackett started hacking in the late 1990s when he was a teenager and eventually was recruited to hack for profit.

He leveraged SQL injection vulnerabilities to access the networks of a number of businesses, including an unnamed online ticket provider in 2007 to steal 360,000 credit card numbers. He also purchased card data over the internet from individuals he believed lived in the United States, Russia and Ukraine.

The net began to close in on Hackett in 2009, after he sold 40 bogus credit cards for $1,180 to U.S. Secret Service agents.

He faces 12 years in prison when he is sentenced, scheduled for July 22. He also faces fines of $500,000 for the two charges. 

Additionally he agreed to the judge's restitution order of $36 million. Sentencing is scheduled for July 22.

Whitney Minter, Hackett's public defender, declined comment.