Albert Gonzalez, the hacker accused of masterminding the Heartland and TJX breaches, will plead guilty at a hearing scheduled for Sept. 11, according to a draft of the plea agreement supplied to InternetNews.com by the Department of Justice.
Gonzalez will plead guilty to all 19 counts of the indictment and surrender his assets, some of which have already been seized. He his attorney, Rene Palomino, Jr., both signed the agreement on Aug. 25.
“He will be pleading guilty in Boston, probably next week, depending on when he is transferred,” George Farkas, his local lawyer in New York, said in an e-mail to InternetNews.com.
The agreement calls for 15 years of jail time and, following that, five years’ probation, the relinquishing of stolen cash and other gains, and a fine.
The list of assets in the agreement appears to vindicate reports that Gonzalez was living well, despite having pulled of several high-profile capers. Those assets include his car (a blue 2006 BMW 300i), a condo, a Tiffany diamond ring he gave to his girlfriend, three Rolex watches given away, his laptop,
his PDA, his cell phone, his Glock pistol, and over $1.65 million in cash.
The agreement shows that assets were seized from his room in the expensive and Art Deco National Hotel in Miami, Florida. The agreement does not list the address of his Miami condo.
Further legal action
According to the plea agreement, Gonzalez will not be immune from suits from his victims — individuals numbering the millions. A class-action suit has already been filed against payment processor Heartland, which estimates that the breach has already cost it $12 million, much of it in fines from Visa and MasterCard.
Meanwhile, both the Heartland breach and the TJX breach have come to serve as object lessons in the amount of damage a company can suffer in the event of a data breach and the loss of credit card information.
Those lessons might not be coming a moment too soon, with signs indicating that cybercrime will continue to grow and that data thievery has become an epidemic: Researcher Larry Ponemon warned this year that most U.S. business have been breached.