PCI 3.0 special report: Reviewing the state of payment card compliance
A comprehensive collection of articles, videos and more, hand-picked by our editors
A federal judge on Friday sentenced Albert Gonzalez to 20 years in prison for his involvement in a series of massive data security breaches into Heartland Payment Systems Inc. and other companies.
On Thursday, he was sentenced to 20 years in prison for his role in the theft and sale of millions of credit and debit cards from TJX Companies Inc. and other retailers. He is to serve the two sentences concurrently, according to a court spokeswoman.
In December, Albert Gonzalez, 28, of Miami pleaded guilty in federal court in Boston to conspiring to hack into computer networks operated by Heartland Payment Systems, a payment processor, 7-Eleven Inc., Hannaford Brothers Co., and other retailers.
A federal grand jury indicted Gonzalez and two Russian hackers last August in the case involving Heartland; more than 130 million credit and debit card numbers from five companies were stolen in what officials called the largest credit and debit card data breach ever charged in the U.S.
According to the indictment, the trio researched the credit and debit card systems used by the companies and used SQL injection attacks to bypass network firewalls to steal the data. Prosecutors said the trio used a number of techniques to hide their activity, including testing their malware against antivirus products to evade detection.