TJX hacker sentenced to 20 years in jail

News

TJX hacker sentenced to 20 years in jail

Warwick Ashford

A hacker who helped organise one of the largest thefts of card details in history has been sentenced to 20 years in jail.

Albert Gonzalez masterminded the breaches at retailer TJX, where 11.2 million payment card details were stolen.

TJX, owner of TJ Maxx in the UK, was ordered to pay nearly $10m to 41 US states for failing to prevent the data breach engineered by Gonzalez.

He was among 11 suspects charged with breaking into the wireless networks of several US retailers in 2003 to steal credit card details.

Gonzalez will be sentenced for his involvement in breaches at Heartland Payment Systems today.

Heartland Payment Systems was the largest data breach worldwide in 2009 with 130 million payment card details stolen.

Amichai Shulman, chief technology officer at security firm Imperva, said the Gonzalez case shows that enterprises are fighting today's cyber war with yesterday's technology.

"The current data security spend is focused on enterprise networks, yet the Gonzalez attacks took advantage of weaknesses in the database and applications. And this is an industry-wide problem," he said.

According to Shulman, research has shown that in 2009, 74% of lost data came from database breaches, 19% from application breaches and 7% from network breaches.

"Yet more than 90% of 2009's $16bn in security spend was on network security. This disconnect needs to be remedied," he said.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy