Master credit card thief claims US government authorized his crimes
A year ago, Albert Gonzalez confessed to having led an operation that stole more than 130 million credit and debit card numbers by hacking into computers at TJ Maxx and other retailers and was sentenced to twenty years in prison. Now he wants his conviction overturned on the grounds that the US Secret Service authorized him to do it.
In a habeas corpus petition filed on March 24, Gonzales writes, “I still believe that I was acting on behalf of the United States Secret Service and that I was authorized and directed to engage in the conduct I committed as part of my assignment to gather intelligence and seek out international cybercriminals. … I now know and understand that I have been used as a scapegoat to cover someone’s mistakes.”
(The full petition is available here.)
According to The Register, however, “Gonzalez, 29, who escaped jail time back in 2004 over his involvement in the sale of 1.5 million stolen credit and ATM card numbers while a member of the Shadowcrew group by ratting out his erstwhile partners in cybercrime, went on to bigger and better things. While supposedly working for the Secret Service, he acted as ringleader in a massive credit card theft and laundering operation involving an estimated 170 million credit cards between around July 2005 and his arrest in May 2008.”
Gonzalez himself claims that the Secret Service “treated me like one of their own” and that he was even invited to brief the government agents on malware and other security vulnerabilities. “All of this inflated my ego and made me feel very important and made me feel like I was really a part of the Secret Service with the backing and support of the Government Agency,” he writes. “One day I was unknown and nothing and the next day I am being hailed as a genius.”
Gonzalez alleges that everything he did was controlled by the Secret Service and that he expected them to step in after he was arrested by Miami police in 2008 “and take custody of me and squash the charges.” He also says his former lawyers never told him he could use a “Public Authority defense” — arguing that he had government approval to commit his crimes — and that he would not have pleaded guilty if he had known.
One of those lawyers, Rene Palomino, disputes this claim, insisting, “He was given the opportunity of a lifetime to work for the Secret Service. He chose to become a criminal, bottom line, and become a double agent working both sides — the criminal side and the legal side.”
The Register largely agrees, writing that “the petition provides a fascinating insight into the life of a cybercrime informant and cites example that would support the contention that Secret Service informants turned a blind eye to some low-level scams carried out by Gonzalez. … It’s a much bigger stretch, however, to come away with the conclusion that the Secret Service had granted Gonzalez carte blanche to carry out the biggest cybercrime operation ever uncovered.”
Adding an additional twist to the story, Gonzales claims that his lawyers failed to file a motion to suppress evidence obtained from a Ukrainian vendor of stolen card data who was allegedly tortured by Turkish officials to obtain access to data on his computer which implicated Gonzalez.
Palomino says he was unable to do anything because Gonzalez’s parents didn’t have the money to pay for him to fly to Turkey to investigate the matter. He also insists, “We researched the issue regarding the evidence, and there were no grounds for suppression.”
Image from the US Secret Service, courtesy of Wikimedia Commons.