• On TV.com: TOP 10 Shows CANCELED Too Soon
advertisementGet Smart about Business Spending
September 12, 2008 9:11 AM PDT

One of 11 alleged T.J. Maxx hackers pleads guilty

by Declan McCullagh
  • Font size
  • Print
  • 4 comments

One of the hackers accused of involvement in the massive data breach targeted at T.J. Maxx's parent company, arguably the largest security breach worldwide, reportedly pleaded guilty on Thursday.

Damon Patrick Toey pleaded guilty to wire fraud, credit card fraud, and aggravated identity theft, and will be released subject to electronic monitoring, according to a report on the Wall Street Journal's Web site. Eleven defendants total are facing charges in federal court in Boston.

TJX Companies, the parent company of T.J. Maxx and Marshall's, said in March 2007 that 45.7 million accounts were compromised over nearly a two-year period. The company said--and federal investigators subsequently confirmed--that it believed the hackers gained access to millions of credit card and debit card numbers through inadequately protected Wi-Fi networks, and then put the numbers up for sale.

The 11 defendants were formally charged last month, including three from the U.S., one from Estonia, three from the Ukraine, two from the People's Republic of China, and one from Belarus. One used an alias and his whereabouts are unknown.

Declan McCullagh, CNET News' chief political correspondent, chronicles the intersection of politics and technology. He has covered politics, technology, and Washington, D.C., for more than a decade, which has turned him into an iconoclast and a skeptic of anyone who says, "We oughta have a new federal law against this." E-mail Declan.
Topics:

News,

Vulnerabilities & attacks

Tags:

credit card,

hacking

Share:
Digg
Del.icio.us
Reddit
advertisement
Click Here
Recent posts from Security
Big changes in Security Starter Kit 2010
Confidential 9/11 pager messages disclosed
Microsoft warns of IE exploit code in the wild
Chrome OS security: 'Sandboxing' and auto updates
E-tailers snagged in marketing 'scam' blame customers
McAfee warns about '12 Scams of Christmas'
Cisco launches iPhone security app
Town to photograph every car that enters and leaves
Related
Eastern Europeans charged in payment processor hack
Former AMD chief linked to Galleon case
McAfee warns about '12 Scams of Christmas'
Facebook awarded $711 million in spam lawsuit
Hacked e-mails fuel climate change skeptics
RSA reveals details behind re-shipping scam
Police arrest exec for not using Twitter
Hacker breaks into jailbroken iPhones, asks for $7
Add a Comment (Log in or register) (4 Comments)
  • prev
  • 1
  • next
by BenjaminWright September 12, 2008 10:10 AM PDT
Careful reading of the indictments of the TJX data thieves show that the media, card issuers and Federal Trade Commission over-reacted to the TJX incident. The TJX break-in was not as bad as we were led to believe. --Ben http://legal-beagle.typepad.com/wrights_legal_beagle/2008/08/credit-card-iss.html
Reply to this comment
by renGek September 12, 2008 11:23 AM PDT
Its typical for those in charge to have knee jerk reaction to security breaches even if minor even if nothing could have possibly been stolen. Its typical in every industry. But at the same time we should not just let it go because its a bad signal to other would be hackers or those about to commit fraud. Some things if you let them get out of hand, you can never pull the rein back.

This one guy who pleaded guilty is probably the smartest because he'll be used to rat on the other 10.
Reply to this comment
by The Harper September 12, 2008 1:44 PM PDT
Actually, the smartest one is the guy who used an alias. The one whose "whereabouts are unknown".
Reply to this comment
by djjohu September 19, 2008 6:00 PM PDT
At least there were no social security numbers that were obtained directly from TJX. Things would have been much worse for identity theft had the hackers been able to access TJX's HR systems. I guess someone should add "don't give any personal information to any stores" to the list of ways to prevent identity theft at http://identitytheft.me/best-practices-to-prevent-identity-theft/ , though that's a bit hard to do online, at least.
Reply to this comment
(4 Comments)
  • prev
  • 1
  • next
advertisement

The browser battles go on and on

roundup From Firefox to IE and from Chrome to Opera and Safari, there's no sitting still for browser makers looking to keep their products fresh and competitive.

3G wireless still holds promise

The next generation of 4G wireless may get all the headlines, but advanced 3G technology will likely dominate services for the next few years.

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET