A Miami resident was charged with stealing 130 million credit and debit card numbers in what the Justice Department described Monday as the largest data breach ever in the United States.
Albert Gonzales, 28, and two unnamed computer hackers were indicted for using a sophisticated hacking technique called an "SQL injection attack" for stealing card information, through exploiting computer networks by finding a way around their firewall.
According to the indictment, Gonzales and his co-conspirators started hacking computers in October 2006 and sent the data to computer servers they operated in California, Illinois, Latvia, the Netherlands and Ukraine.
Their corporate victims ranged from Heartland Payment Systems, a New Jersey-based card payment processor to 7-Eleven Inc, a Texas-based nationwide convenience store chain; and Hannaford Brothers Co Inc, a Maine-based supermarket chain.
If convicted, Gonzales faces up to 20 years in prison on the wire fraud conspiracy charge and an additional five years on the conspiracy charge, as well as a fine of 250,000 dollars for each charge, the Justice Department said in a statement.