Redazione RHC : 18 October 2025 21:57
Born to Cuban parents in 1981, Albert Gonzalez attended South Miami High School in Miami, Florida. He was accused of acquiring and reselling over 180 million payment cards between 2005 and 2007, the largest fraud in history.
Gonzalez and his gang of cybercriminals used SQL injections to deploy backdoors across various infrastructures to launch packet sniffing attacks (specifically, ARP spoofing), allowing them to steal data from internal corporate networks. On March 25, 2010, Gonzalez was sentenced to 20 years in federal prison and is scheduled for release in 2025.
Albert Gonzalez was a talented young man and had always been passionate about computers and information technology, so much so that he helped families in his Miami neighborhood install computers in their homes.
At the age of 14, he managed to hack into NASA’s network, which led to his first visit from the FBI right in high school, but this did not stop him from carrying out all the computer crimes he committed in the following years.
He had a natural talent for hacking, and this ability led him to use it to make money. Albert began to ignore his studies as he progressed through high school, and in fact his grades began to suffer due to the time he spent in chat rooms, especially late at night.
His initial nickname was “Soupnazi,” after the restaurateur from the sitcom Seinfeld. His passion for computers blossomed in high school, where he led a group of computer hackers who sought solace in their computer knowledge. He graduated high school in 1999 and a few months later was visiting one of his online friends named Stephen Watts. The two spent time together, sharing the same passions for both programming and hacking.
Stephen later became one of his accomplices. During his freshman year, Albert taught himself how to hack broadband Internet service providers by reading the
software manuals. However, he soon realized he could do more and began stealing the credentials of managers and executives, as well as learning more about systems design.
During his first semester at Miami College, he dropped out. He then became a board member of SlmdowCrew, a forum where cybercriminals exchanged services ranging from selling credit card data to Social Security cards and cybercrime, in 2002, while he was unemployed and in need of money.
Albert was arrested in New York in 2003 when a New York Police Department detective caught him withdrawing cash from multiple credit cards.
Gonzalez eventually agreed and pleaded guilty, escaping prosecution after several interviews and becoming an informant in “Operation Firewall,” a federal team fighting cybercrime.
His government employment simply fueled his illegal behavior. He believes this commitment enhanced his skills. He witnessed the arrest of hundreds of ShadowCrew users in October 2004 while gathering intelligence on police operations.
For his protection, he was advised to return to his homeland, then to Miami.
Albert eventually became a paid informant for the Miami Secret Service office in early 2006 after helping with another case.
He lived a lavish lifestyle, purchasing new vehicles, condos, and frequently staying in luxury hotel rooms in Miami. During the day, he worked for the police, and then returned home to run his illegal “business” selling stolen credit cards.
Albert grew tired of working for the Secret Service in mid-2007 and began arriving late to the office. The agents began to question his usefulness, eventually firing him and letting him go.
He was looking for a new challenge. This was SQL injections, those security flaws that, when detected in a web application, often allowed direct access to the data.
Gonzalez and other affiliated hackers began hacking organizations, extracting 180 million payment card accounts. These include America’s most well-known banks, including OfficeMax, BJ’s Wholesale Club, Dave & Buster’s restaurants, TJ Maxx, and Marshalls, as well as clothing chains. All this while working for the government.
In May 2008, federal agents arrested Albert and Stephen at the posh Miami hotel where they were staying. Agents discovered a handgun, two computers, and $25,000 in cash.
He admitted to burying a barrel containing $1 million in cash in his parents’ lawn. After Albert’s Ukrainian card dealer, Maksym Yastremskiy, was arrested in July 2007, agents ran a series of analyses on Yastremskiy’s computer.
They discovered millions of stolen card numbers, hacking tools, and encrypted communication logs with Albert on his laptop hard drives.
Stephen Watts admitted to developing the code that proved key to Albert’s operation, but claimed he was unaware that the code had been used for criminal purposes and that he did not profit from the crimes.
The judge sentenced Stephen to two years in prison and ordered him to pay a portion of the $180 million in damages.
Albert expressed regret for his crimes, admitting that he “never considered the impact of his actions on the millions of individuals affected” and that he was “truly sorry” for his conduct, which had so many ramifications.
As soon as Albert discovered that Patrick had become a state witness, he pleaded guilty and cooperated extensively with the police.
He avoided a life sentence thanks to his cooperation and in 2010 was sentenced to 20 years in prison, the longest sentence in the world for a computer crime.
He is expected to be released from prison in 2025, after taking into account time servers and good behavior.
Redazione