If your credit-card information was stolen recently, there's a decent chance it fell into the hands of Albert Gonzalez. The infamous computer hacker was indicted along with two unnamed co-conspirators in a New Jersey court on Aug. 17 for the alleged theft of some 130 million card numbers. The crime is believed to be the largest retail-store theft in U.S. history. Although little is known about Gonzalez's personal life, he has a long history of hacking and has been known to operate on both sides of the law.
The 28-year-old lives in Miami
Has operated under the Internet handles "Segvec," "Soupnazi" and "J4guar"
Charged with hacking into retail and card-processing computers to steal 130 million credit- and debit-card numbers from 2006 to 2008. The compromised companies include Heartland Payment Systems, 7-Eleven, two unnamed national retailers and Hannaford Brothers, a regional supermarket chain
Gonzales had previously been indicted once in May 2008 and again in August of the same year for allegedly stealing the info of 40 million credit and debit cards from companies including OfficeMax, TJ Maxx, Boston Market, Barnes & Noble, Sports Authority, Forever 21, DSW and Dave & Buster's
Arrested in New Jersey in 2003 while working as an administrator for the underground, 4,000-member website Shadowcrew.com, on which hackers swapped stolen credit-card information
After his arrest, he began working with Secret Service agents on something called Operation Firewall, in which Gonzalez operating under the handle "CumbaJohny" convinced Shadowcrew members to join his virtual private network, which was secretly monitored by federal agents. In October 2004, 28 hackers were arrested through the operation, though federal agents claim Gonzalez tipped off some of the suspects, helping them to sidestep authorities
After the sting, Gonzalez changed his nickname to "Segvec" and moved to Miami, where he allegedly started a new identity-theft ring called Operation Get Rich or Die Tryin'
According to the Aug. 17 indictment, Gonzalez teamed up with two Russian programmers to hack into corporate computer networks and install "malware," or malicious software, that allowed them to steal data
Heartland Payment Systems, which processes credit-card data for more than 250,000 businesses, accounts for most of the 130 million numbers cited in the New Jersey indictment. The company has thus far spent $12.6 million in legal costs and fines associated with the security breach
The government is seeking forfeiture of Gonzalez's Miami condo, his BMW, a firearm, a currency counter and nearly $1.7 million in cash
Gonzalez's lawyer, Rene Palomino Jr., has thus far refused interview requests regarding the matter and has issued no comment
"I always thought he was Russian."
An unnamed member of the identity-theft community, saying no one realized that "CumbaJohny" and "Segvec" were the same person (Wired.com, Aug. 5, 2008)
"This guy worked very, very hard at something he was very good at."
Assistant U.S. Attorney Erez Liebermann of the Justice Department's New Jersey branch (Newsday, Aug. 17, 2009)
"He's here on U.S. soil. That was his big flaw. If he were anywhere else, he's not going to jail."
Dan Clements, president of CardCops, which tracks stolen credit-card data online (The New York Times, Aug. 18, 2009)