By Joda Thongnopnua

WASHINGTON, D.C. (BNO NEWS) – An alleged international hacker from Florida was indicted on Monday for his part in an attack on major U.S. retail and banking networks, the U.S. Justice Department announced.

Albert Gonzales, of Miami, Florida, and two unnamed co-conspirators were indicted for conspiring to hack into networks of various American retail and financial businesses and stealing data accounting to more than 130 million credit and debit cards.

With a two count indictment alleging conspiracy to engage in wire fraud, Gonzales is charged with using a hacking technique known as a “SQL injection attack” which exploits security vulnerabilities in the network’s database due to incorrectly filtered user input.

The indictment details the largest alleged credit and debit card data breach ever charged in the United States. The indictment alleges that beginning in October 2006, Gonzales, as well as his co-conspirators, studied the credit and debit card systems used by their victims, planned a sophisticated attack to penetrate their networks to steal credit and debit card information, used elaborate techniques to cover their tracks and avoid detection, and then sent that information to servers maintained and operated by them located all over the world.

Among the corporate victims are Heartland Payment Systems, a New Jersey-based card payment processor, 7-Eleven Inc., a Texas-based nationwide convenience store chain, and Hannaford Brothers Co. Inc., a Maine-based supermarket chain.

Gonzales was charged prior to those announced today. The U.S. Attorney’s Office for the Eastern District of New York charged Gonzales for his alleged role in the hacking of a computer network run by a national restaurant chain in May 2008. In August of 2008, the U.S. Justice Department announced an additional series of indictments against Gonzales and others for a number of retail hacks that affected eight major retailers and their involvements in the theft of data related to 40 million credit cards. Those charges were filed in the District of Massachusetts.

The charges announced today concern a different pattern of hacking undertaking that concentrated different corporate victims and involved different co-conspirators. Gonzales, who is currently in federal custody, faces up to 20 years in prison on the wire fraud conspiracy charge and an additional five years in prison on the conspiracy charge, and a $250,000 fine for each charge if convicted.

The case is currently being investigated by the U.S. Secret Service.