We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

TJX hacker accomplice gets five years

Last conviction on TJX credit card theft case

Article comments

Ending a chapter in one of the worst hacking cases in US history, a federal judge handed down a five-year sentence to a 25-year-old man who helped steal tens of millions of credit card numbers.

Damon Patrick Toey had already plead guilty to charges that he sold batches of stolen credit card data, called dumps, on behalf of convicted hacker Albert Gonzalez and helped him infiltrate the systems of a number of companies. Gonzalez was sentenced last month to 20 years in prison, the longest sentence ever handed down in the US for a computer crime.

Operating out of a Miami condominium owned by Gonzalez, Toey worked in a hacking ring that broke into systems belonging to a number of US retailers, as well as Heartland Payment Systems, a major processor of US credit card transactions.

Toey was sentenced by US District Judge William Young in federal court in Boston. After serving his five-year sentence, he will undergo three years of supervised release. He must also pay a US$100,000 fine.

Gonzalez led a crew of hackers who broke into networks by hacking wireless access points and then later used SQL injection attacks to access corporate databases via the Web. They broke into companies such as TJX, Office Max, Barnes & Noble and Dave & Buster's, ultimately selling millions of credit card numbers to Russian criminals and using some of the data to make unauthorized ATM withdrawals.

Toey is the last of six US men to be sentenced in connection with the hacking. The group's offshore accomplices have not been arrested.

Share:

Comments

Advertisement
Advertisement
Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.


ComputerworldUK Knowledge Vault

ComputerworldUK
Share
x
Open
* *