TJX hacker accomplice gets five years

Damon Patrick Toey was the last person to be sentenced in a hacking ring that broke into Heartland, TJX and others.


Ending a chapter in one of the worst hacking cases in US history, a federal judge handed down a five-year sentence to a 25-year-old man who helped steal tens of millions of credit card numbers.

Damon Patrick Toey had already plead guilty to charges that he sold batches of stolen credit card data, called dumps, on behalf of convicted hacker Albert Gonzalez and helped him infiltrate the systems of a number of companies. Gonzalez was sentenced last month to 20 years in prison, the longest sentence ever handed down in the US for a computer crime.

Operating out of a Miami condominium owned by Gonzalez, Toey worked in a hacking ring that broke into systems belonging to a number of US retailers, as well as Heartland Payment Systems, a major processor of US credit card transactions.

Toey was sentenced by US District Judge William Young in federal court in Boston. After serving his five-year sentence, he will undergo three years of supervised release. He must also pay a US$100,000 fine.

Gonzalez led a crew of hackers who broke into networks by hacking wireless access points and then later used SQL injection attacks to access corporate databases via the Web. They broke into companies such as TJX, Office Max, Barnes & Noble and Dave & Buster's, ultimately selling millions of credit card numbers to Russian criminals and using some of the data to make unauthorized ATM withdrawals.

Toey is the last of six US men to be sentenced in connection with the hacking. The group's offshore accomplices have not been arrested.

"Recommended For You"

Jailed TJX hacker says 'government made me do it' Arrest in India over TJX data theft