TJX hacker to plead guilty to Heartland breach

Share this article:
After admitting to the TJX hacks three months ago, Albert Gonzalez has now agreed to plead guilty to charges he broke into the network of Heartland Payment Systems and several other companies to steal more than 130 million credit and debit card numbers.

The plea agreement was filed Tuesday in U.S. District Court in New Jersey. Gonzalez, 28, of Miami admitted to hacking into Heartland, 7-Eleven, and Hannaford Bros. supermarket chain. In August, he was charged with conspiracy and conspiracy to engage in wire fraud for his role in the Heartland intrusion. He and two unnamed co-conspirators, residing in or near Russia, were accused of using SQL injection attacks to evade the victims' firewall to gain access to the network.

Gonzalez faces up to 20 years in prison if he is convicted on the wire-fraud conspiracy charge. The conspiracy charge carries a five-year sentence, and fines of $250,000 for each charge.

In conjunction with Tuesday's plea, a federal judge agreed to transfer the case to federal court in Massachusetts, where Gonzalez is awaiting sentencing for his role in a number of other hacks, which he pleaded guilty to in September.

He remains in federal custody on the separate charges of infiltrating several major retail chains, including TJX, which owns T.J. Maxx; Barnes & Noble; BJ's Wholesale Club; Boston Market; DSW; Forever 21; Office Max and Sports Authority -- and stealing more than 40 million credit card numbers.

Gonzalez faces up to 25 years in prison for these charges and is expected to be sentenced this month.

Share this article:

Sign up to our newsletters

More in News

Incapsula mitigates multi-vector DDoS attack lasting longer than a month

Incapsula mitigates multi-vector DDoS attack lasting longer than ...

Incapsula's scrubbing servers were able to filter out more than 50 petabits of malicious DDoS traffic aimed at a video game company for longer than a month.

UPS announces breach impacting 51 U.S. locations

The shipping and printing provider said malware has been present on some stores' computer systems since mid-January.

'Machete' espionage campaign targets orgs in Venezuela, Ecuador

The campaign targets Spanish speaking victims, which also appears to be the native language of attackers.