Born: June 1981 – Miami, Florida
Albert Gonzalez grew up in Miami, the son of Cuban immigrants. He was given his first computer at 8 years old. Completely self-taught at the computer, those around him as a child him considered him a “genius.” He was also described as being a loner with no friends but his computer.
By the age of 14 he had hacked into both NASA and Indian government systems–each earning him visits from the local authorities and the FBI.
In 2000, he dropped out of Miami-Dade Junior College where he was said to have been “bored” by academic life. He moved to New York City and ultimately on to Kearney, NJ, leaving behind the life of “troubled pack leader of computer nerds.”
ShadowCrew and First Arrest…
In 2003 he was arrested in New Jersey working as the administrator for a website called ShadowCrew.com where many of its 4,000 members were swapping stolen credit card information.
After Gonzalez was arrested he began working with the Secret Service as an informant. In one such collaboration known as Operation Firewall, he persuaded “ShadowCrew” members to join his private VPN service, which unbeknownst to them was being monitored by the federal authorities. On October 2004, 28 members of ShadowCrew were arrested, although Gonzalez appeared to have tipped off at least some of his friends who avoided arrest.
Operation Get Rich or Die Tryin…
From there Gonzalez moved back to Miami and started a hacking group called Operation Get Rich or Die Tryin.
By this point, using his ill gotten gains Gonzalez was living the fast life heavily using Ecstasy, cocaine, mushrooms and acid and renting $5,000 a night South Beach duplexes as well as throwing mega birthday party bashes with close to six figure price tags.
During the height of Gonzalez’ hacking career he was also still working as an informant helping track down cyber criminals–he was said to still be drawing $75k a year as an FBI informant by the time he was ultimately apprehended.
On May 7, 2008 Gonzalez was arrested for stealing credit and debit card information from retailers including OfficeMax, TJ Maxx, Boston Market, Barnes & Nobles, Sports Authority, Forever 21, DSW and Dave & Busters over an 18 month period ending in 2007.
The primary technique used by Gonzalez and his ring was to use “wardriving” and then sniffer programs to capture the card numbers. Wardriving involves driving around and looking for unsecured WIFI networks and then compromising the networks to steal data.
Once the ring had captured over 40 million credit and debit card numbers they either sold the numbers to criminal organizations or encoded the data on magnetic stripes and took out “tens of thousands of dollars at a time” from ATM machines.
During the various law enforcement raids $1.6 million dollars in cash was seized including $1.1 buried in a drum in his parent’s backyard.
On Aug 17, 2009 Albert Gonzalez was again indicted in Newark, NJ for the cyber theft of 130 million credit card numbers at companies including Heartland Payment Systems, 7-Eleven and others.
According to the federal indictment he along with “two Russian programmers” hacked onto the corporate networks, installing malware that allowed them to steal the card numbers and other PII. This was possibly the largest retail theft in history as Gonzalez and his multinational conspirators were estimated to have caused over $200 million in damages.
On March 25, 2010, Gonzalez pleaded guilty to the May 2008 charges that included TJ Max. According to his plea agreement Gonzalez faced up to 25 years in prison, although at sentencing he asked for leniency saying that “he had been addicted to computers since childhood, had abused alcohol and illegal drugs for years and suffered from symptoms of Asperger’s disorder, a form of autism.” [Editor’s Note: For years many have theorized that hackers and crackers often display a form of autism that leads them to obsessiveness however the jury is still out on that one. See – The Link Between Computer Hackers And Asperger’s Syndrome Is A Myth]
Gonzalez was sentenced to 20 years, the longest sentence ever meted out for a computer crime.
As part of his plea he had to relinquish much of what he had gained through illegal means: “More than $1.65 million, a condominium in Miami, a blue 2006 BMW 330i automobile, IBM and Toshiba laptop computers, a Glock 27 firearm, a Noka cell phone, a Tiffany diamond ring and three Rolex watches.”
At least three others were indicted and convicted in the TJ Max case: Jeremy Jethro, for providing Gonzalez with a zero-day exploit, which took advantage of a hole in the Internet Explorer browser; Humza Zaman, for helping launder “at least” $600,000; and Stephen Watt, for providing Gonzales with the sniffer program that was used to hijack the credit card numbers.
Sadly Jonathan Joseph James, the infamous hacker who was the first juvenile ever to be incarcerated for cyber crimes, committed suicide rather than deal with authorities who he feared had connected James (without justification, he claimed) to the ring and its exploits.
In March 2011, Gonzalez filed a motion to withdraw his guilty plea claiming that his defense attorney’s provided ineffective assistance of counsel in that they never used the fact that he was working as an informant for the Secret Service as part of what is known as a “public authority defense.”
As of this writing [July 2018], Gonzalez is serving his sentence at Federal Correctional Institution, Yazoo City, Missouri a minimum security penitentiary, as inmate Register Number: 25702-050, with a scheduled release date of 10/29/2025.
- To prepare co-conspirator Stephen Watt for jail, Gonzales sent him a six page typewritten letter called “A Guide to Being Successful in Jail” describing how prison works, with topics such as “how the different races interact, how to properly climb onto a top bunk without offending your cellmate, even how to fart without stinking up the cell.”
- Gonzalez and his crew were profiled on American Greed in the episode Hackers: Operation Get Rich or Die Tryin.
- Famously once complained that because his money counting machine was broken he had to count $340,000 in twenty dollar bills by hand.
- Used handles Segvec, Soupnazi, J4guar and CumbaJohnny
Sources Used For This Article:
- ABC News – Accused credit card hacker lived large in Miami
- RollingStone.com – Sex, Drugs, and the Biggest Cybercrime of All Time
- U.S. Justice Department – International Hacker Pleads Guilty for Massive Hacks of U.S. Retail Networks
- Time Magazine – Master Hacker Albert Gonzalez
- ABC News – Hacker Behind Massive Credit Data Theft Gets 20 Years
- Reuters – REUTERS – Friday 26 March 2010 11:24
- SC Media – Hacker Albert Gonzalez receives 20 years in prison
- SC Media – TJX hacker Gonzalez asks for withdrawal of guilty plea