A Michigan man pleaded guilty to four counts of wire fraud and unauthorised access to a computer after he and two accomplices used a vulnerable wireless network at a DIY store in an attempt to steal credit card numbers from the company's main computer systems.
Brian Salcedo could face up to 18 years in prison for the offences which, the government claimed, could have caused more than $2.5m (£1.4m) in damages.
The case stems from a series of hacks in October and November 2003 in which Salcedo's two accomplices, Adam Botbyl and Paul Timmins, discovered a loosely protected wireless local area network connection at a Lowe's store in Michigan while scanning for open connections.
The trio subsequently used the open access point to compromise the entire corporate network of the company, hacking into stores in California, Kansas, South Dakota and other states in the weeks that followed.
The three also attempted to install a modified version of a credit processing program called "tcpcredit" which skimmed credit account information for every transaction processed at a particular Lowe's store.
In November, a grand jury indicted the three on 16 counts of wire fraud and unauthorised intrusion. In May, both Salcedo and Botbyl reached plea agreements and Botbyl agreed to plead guilty to one count of conspiracy to gain unauthorised access to a nationwide computer network.
The third and final member of the group, Paul Timmins, is scheduled to appear in court on 28 June.
Paul Roberts writes for IDG News Service