It started in 2006 with the Office Max data breach. Then, tumbling like dominoes, came TJX, Dave & Busters, Hannaford Brothers and 7-Eleven. According to today federal grand jury indictment, Albert “Segvec” Gonzalez was the hacker responsible for them all.
Gonzalez, 28, and two unnamed Russian co-conspirators are blamed for stealing more than 130,000,000 credit and debit card numbers from Heartland and Hannaford combined, according to the indictment.
“The fact that we’re not seeing a huge array of hackers capable of doing this, but rather a more select group demonstrates that there is a level of sophistication involved in these hacks,” Liebermann said.
The three are also considered suspects in other data breaches, including two involving national retailers. The retailers aren’t being identified because they haven’t yet gone public with their data breaches, Liebermann said.
Gonzalez--a former Secret Service informant--and another uncharged conspirator scoured the list of Fortune 500 companies, and researched their payment processing systems to identity potential weaknesses. The attacks were launched, malware stored and stolen data received on computers in California, Illinois and New Jersey in the United States, and in Latvia, Ukraine and the Netherlands.
Jury selection for the TJX-related trial will begin September 14 in Massachusetts.
Stephen Watt, the 25-year-old Morgan Stanley programmer who wrote the program Gonzalez’ credit card theft ring “Operation Get Rich or Die Tryin” used to pilfer the credit and debit card numbers from TJX and other companies, wasn’t charged in the Heartland and Hannaford hackings.