Mastermind of TJX, Heartland Breaches to Plead Guilty

Albert Gonzalez , the man accused of masterminding the massive data thefts at TJX Companies Inc., Heartland Payment Systems and several other retailers has agreed to plead guilty to charges in a 19-count indictment that includes conspiracy, wire fraud and aggravated identity theft charges.

Under an agreement with prosecutors in Boston today, Gonzalez will face a maximum of 25 years in prison and will forfeit more than $2.8 million in cash.

Gonzalez was arrested in Miami in 2008 along with 10 other individuals. He was indicted separately in federal court in Boston and in New York on charges relating to the thefts at TJX, Dave & Busters, BJ’s Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever 21 and DSW.

Earlier this month, Gonzalez was also indicted in New Jersey on charges that he, along with two unidentified Russian accomplices, was responsible for huge data thefts at Heartland, Hannaford, 7-Eleven Inc. and two other unnamed retailers. Prosecutors alleged that the three were responsible for stealing data on more than 130 million credit and debit cards for the five retailers. Today s plea deal does not include his indictment on these charges.

At the time of the New Jersey indictments, Gonzalez attorney Rene Palamino had claimed that his client had been close to agreeing to a plea bargain in connection with the charges filed against him in 2008. In an interview with Computerworld , Palamino had said that we has working with federal authorities to hammer out a new plea agreement following the indictments on the Heartland and other charges.

Palamino had also claimed in an interview with the New York Times that he intended to argue in court that Gonzalez was not the mastermind of the Heartland breach and that it was one of his client’s accomplices who had pulled off the heist.