Redspin
About Us Main         
Corporate Ethos        
Environmental Ethos     
Redspin In The News  
Press Releases           
Careers                      
Contact Us Toll Free - 800-721-9177
Request A Quote
Security Blog
Assessment Services Assessment Tools Security Research About Us Contact Us

Redspin In The News

 Back To Redspin In The News
August, 24 2009
ALLEGED HACKER CHARGED IN HEARTLAND, HANNAFORD BREACHES

A Miami man has been charged with allegedly attempting to steal more than 130 million credit and debit card numbers and account data, according to an indictment released Monday. The U.S. Department of Justice says Albert Gonzalez, 28, was one of three individuals who allegedly broke into the payments networks of Heartland Payment Systems Inc., Hannaford Brothers Co., 7-Eleven Inc. and two unnamed retailers using hacks that captured sensitive cardholder data and removed traces of the misdeeds. The indictment did not name the two other defendants, who live in Russia.

Payment processor Heartland announced in January that an unknown amount of credit and debit card data was stolen from the Princeton, N.J.-based company's network (CardLine, 1/20). A statement from Heartland praised the prosecutors' work and said the processor would continue to help with the investigation and with "the broader fight against global cyber criminals."

Hannaford, which is based in Scarborough, Maine, said in 2008 its network of 165 grocery stores was breached (CardLine, 3/18/08). The indictment also says Dallas-based 7-Eleven's network was attacked beginning in August 2007. The three defendants began scheming in 2006 to steal the merchants' data and resell it, the indictment alleges. It also says they disabled programs designed to root out such attacks, tested their malicious software against approximately 20 antivirus software programs and programmed the malware to hide evidence of its presence.

Several years ago, hackers attacked networks for the notoriety, notes Matt Marshall, vice president of security engineering at Redspin Inc., a Carpinteria, Calif.-based data-security company. "It's really become all about the money," Marshall tells CardLine. "There is no ‘silver bullet' to fix this." The best way to counter such sophisticated threats is to constantly test a network for vulnerabilities, Marshall says. "Any merchant that has, in this case, an Internet presence is certainly at risk," he says.

If convicted, Gonzalez faces up to 30 years in prison on the wire fraud conspiracy charge and an additional five years on the conspiracy charge, and a $250,000 fine for each charge, the Department of Justice says. He is being held in federal custody.

 Back To Redspin In The News



Home  |  Assessment Services  |  Assessment Tools  |  Security Research  |  About Us  |  Contact Us  |  Site Map
©2009 Redspin, Inc. | Privacy Policy
Site Design and Development by Petro Design Co.

Casino IT Assessments

External Network Security Assessments

Financial Services

Healthcare Security Assessments

Internal Network Security Assessments

NERC Cyber Security Assessments

PCI Services

Social Engineering

Special Security Assessment Services

Testing and Certification Program

Website Security Assessments

NMap XML2SQL

fTrace

Crackulator

Redspin Research

Redspin Presentations

Redspin Videos

Redspin Data Sheets

Redspin White Papers

Technical Resources

Regulatory Resources

Security Management Advisory

Corporate Ethos

Environmental Ethos

Redspin In The News

Press Releases

Upcoming Events

Careers

Contact Us

Request Pricing