Double agent who 'stole 130 million card details'

Hacker who agreed to help nail his accomplices now accused of greatest identity theft spree in history

He is handsome, he is rich – he reportedly splurged $75,000 (£45,000) on his own birthday one year – and has the kind of charm that could dazzle the hardest of men, says a federal secret service agent. But it's not your daughters you need to be locking up: it's your credit cards.

We have known for some time that the electronic identity-theft business is burgeoning. The US Treasury Department says it knows of 55,000 cases in just 10 years. But, as of now, it has its official poster boy. He is 28-year-old Albert Gonzalez, a man who allegedly has a special talent for this particular line.

That, at least, is the contention of the authorities in New Jersey, who late on Monday unveiled criminal charges against Mr Gonzalez identifying him as the leader of a three-man ring which, between October 2006 and May 2008, successfully siphoned off the data from no fewer than 130 million credit and debit cards in the US by hacking into the networks of several retail and financial giants including the 7-Eleven corner-shop chain.

The charges against Mr Gonzalez and two other unidentified men apparently working out of or close to Russia are causing considerable consternation for a multitude of reasons. For one, this may be the biggest criminal case involving the theft of credit card data ever uncovered. Second, some of the details of the alleged criminal career of Mr Gonzalez are raising eyebrows. For example: why didn't the Feds cotton on to all of this before?

It turns out that Mr Gonzalez was first detained in 2003 in connection with alleged nefarious hacking operations but was not prosecuted after he agreed to assist the secret service in trying to nail some of his accomplices. The authorities also agreed to allow him to move from the New York area to Miami.

Since May of last year, Mr Gonzalez has been a resident of a jail in Brooklyn awaiting trial on charges of hacking into the computer system of Dave & Buster's, a national restaurant chain based in Miami. He was allegedly trying to steal card numbers.

But later last year, the police were pointing to Mr Gonzalez again. In a separate case now pending in Boston, he was accused of being the ringleader of yet another data breach involving a series of companies, but most notably TJ Maxx retail in Massachusetts. On that occasion, prosecutors said, the ring had successfully purloined the details of 40 million cards and their activities had cost TJX – which owns TJ Maxx – about $200m (£120m).

The new set of charges eclipses all that came before, however. It also opens the window on a netherworld of electronic crime that will set off new alarm bells in capitals around the world. If one man can be responsible for this number of breaches, the problem may be bigger than anyone imagined.

If Mr Gonzalez is guilty it is also his chutzpah that shocks. He is "a very important player in a sophisticated ring that has real results at the street level of bank, retail, debit- and credit-card fraud," acknowledged Seth Kosto, an Assistant US Attorney in New Jersey who specialises in computer fraud.

According to court documents filed in the TJX case in Boston, Mr Gonzalez instigated what he called an "operation to get rich or die tryin'", which involved identifying some of the biggest companies in America and setting about assessing how vulnerable their payment systems were to being hacked.

It is alleged that, once Mr Gonzalez and his team had successfully penetrated a particular company's system, an electronic "back door" would be installed that in theory would allow them to return at any time to harvest even more credit card numbers.

The value of data from stolen credit cards depends on the market. But, according to the latest documents filed in the case, once the information was stolen it was immediately relayed to computers controlled by the ring in different parts of the world, including California and Ukraine.

Of course those least happy to hear details of Mr Gonzalez's alleged capers are the companies whose names feature in the latest charges, including a supermarket chain called Hannaford. "We're pleased that the authorities have aggressively pursued this case to be in a position to bring an indictment against the alleged perpetrators," said Michael Norton, a spokesman for Hannaford. 7-Eleven declined to comment.

The technique

Gonzalez allegedly used a technique known as an "SQL injection attack", a form of computer hacking which is designed to exploit security vulnerabilities in databases. This type of attack is said to have started in Russia, China and North Korea,but has become increasingly popular in the United States. So much so that computer giant IBM will later this month release a report which shows that instances of SQL injection attacks have increased by 50 per cent in the first quarter of 2009, compared with the final quarter of 2008.

SQL injection requires the hackers to gain access to the computer networks they wish to hack. The hacker would do this by somehow breaching the computer's firewall and then "injecting" software into the database, which is held in a computer programming language known as SQL. What type of software is not known, but it would search for pins or passwords or transaction records. The stolen data was then sent to computer servers to sell on.

News
Russia Today’s new UK channel began broadcasting yesterday. Discussions so far have included why Britons see Russia as ‘the bad guy’
news

New UK station Russia Today gives a very bizarre view of Britain

News
people
News
people
Voices
Left: An illustration of the original Jim Crowe, played by TD Rice Right: A Couple dressed as Ray and Janay Rice
voices

By performing as African Americans or Indians, white people get to play act a kind of 'imaginary liberation', writes Michael Mark Cohen

PROMOTED VIDEO
Have you tried new the Independent Digital Edition apps?
News
ebooksAn unforgettable anthology of contemporary reportage
News
i100
Arts and Entertainment
Hand out press photograph/film still from the movie Mad Max Fury Road (Downloaded from the Warner Bro's media site/Jasin Boland/© 2014 Warner Bros. Entertainment Inc.)
films'You have to try everything and it’s all a process of elimination, but ultimately you find your path'
Arts and Entertainment
Imelda Staunton as Dolores Umbridge in the Harry Potter films
books

New essay by JK Rowling went live on Pottermore site this morning

News
people

Top Gear presenter is no stranger to foot-in-mouth controversy

Arts and Entertainment
Keira Knightley and Benedict Cumberbatch at the premiere of The Imitation Game at the BFI London Film Festival
filmsKeira Knightley tried to miss The Imitation Game premiere to watch Bake Off
News
i100
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

iJobs Job Widget
iJobs General

Mobile Developer (.NET / C# / Jason / Jquery / SOA)

£40000 - £65000 per annum + bonus + benefits + OT: Ampersand Consulting LLP: M...

Humanities Teacher - Greater Manchester

£22800 - £33600 per annum: Randstad Education Manchester Secondary: The JobAt ...

Design Technology Teacher

£22800 - £33600 per annum: Randstad Education Manchester Secondary: Calling al...

Foundation Teacher

£100 - £125 per day: Randstad Education Chelmsford: EYFS Teachers - East Essex...

Day In a Page

The drugs revolution starts now as MPs agree its high time for change

The drugs revolution starts now as MPs agree its high time for change

Commons debate highlights growing cross-party consensus on softening UK drugs legislation, unchanged for 43 years
The camera is turned on tabloid editors in Richard Peppiatt's 'One Rogue Reporter'

Gotcha! The camera is turned on tabloid editors

Hugh Grant says Richard Peppiatt's 'One Rogue Reporter' documentary will highlight issues raised by Leveson
Fall of the Berlin Wall: It was thanks to Mikhail Gorbachev that this symbol of division fell

Fall of the Berlin Wall

It was thanks to Gorbachev that this symbol of division fell
Halloween 2014: What makes Ouija boards, demon dolls, and evil clowns so frightening?

What makes ouija boards and demon dolls scary?

Ouija boards, demon dolls, evil children and clowns are all classic tropes of horror, and this year’s Halloween releases feature them all. What makes them so frightening, decade after decade?
A safari in modern Britain: Rose Rouse reveals how her four-year tour of Harlesden taught her as much about the UK as it did about NW10

Rose Rouse's safari in modern Britain

Rouse decided to walk and talk with as many different people as possible in her neighbourhood of Harlesden and her experiences have been published in a new book
Welcome to my world of no smell and odd tastes: How a bike accident left one woman living with unwanted food mash-ups

'My world of no smell and odd tastes'

A head injury from a bicycle accident had the surprising effect of robbing Nell Frizzell of two of her senses

Matt Parker is proud of his square roots

The "stand-up mathematician" is using comedy nights to preach maths to big audiences
Paul Scholes column: Beating Manchester City is vital part of life at Manchester United. This is first major test for Luke Shaw, Angel Di Maria and Radamel Falcao – it’s not a game to lose

Paul Scholes column

Beating City is vital part of life at United. This is first major test for Shaw, Di Maria and Falcao – it’s not a game to lose
Frank Warren: Call me an old git, but I just can't see that there's a place for women’s boxing

Frank Warren column

Call me an old git, but I just can't see that there's a place for women’s boxing
Adrian Heath interview: Former Everton striker prepares his Orlando City side for the MLS - and having Kaka in the dressing room

Adrian Heath's American dream...

Former Everton striker prepares his Orlando City side for the MLS - and having Kaka in the dressing room
Simon Hart: Manchester City will rise again but they need to change their attitude

Manchester City will rise again but they need to change their attitude

Manuel Pellegrini’s side are too good to fail and derby allows them to start again, says Simon Hart
Isis in Syria: A general reveals the lack of communication with the US - and his country's awkward relationship with their allies-by-default

A Syrian general speaks

A senior officer of Bashar al-Assad’s regime talks to Robert Fisk about his army’s brutal struggle with Isis, in a dirty war whose challenges include widespread atrocities
‘A bit of a shock...’ Cambridge economist with Glasgow roots becomes Zambia’s acting President

‘A bit of a shock...’ Economist with Glasgow roots becomes Zambia’s acting President

Guy Scott's predecessor, Michael Sata, died in a London hospital this week after a lengthy illness
Fall of the Berlin Wall: History catches up with Erich Honecker - the East German leader who praised the Iron Curtain and claimed it prevented a Third World War

Fall of the Berlin Wall

History catches up with Erich Honecker - the East German leader who praised the Iron Curtain and claimed it prevented a Third World War
How to turn your mobile phone into easy money

Turn your mobile phone into easy money

There are 90 million unused mobiles in the UK, which would be worth £7bn if we cashed them in, says David Crookes