A second criminal hacker accused of involvement in the massive data breach targeted at T.J. Maxx's parent company, one of the largest security breaches to date, reportedly pleaded guilty on Monday.
As part of a plea bargaining arrangement Christopher Scott, 25, of Miami, has admitted to computer hacking, access device fraud, and identity theft, according to the Associated Press. He could face a sentence of up to 22 years in jail and a fine of up to $1 million for his crimes.
The plea comes almost two weeks after Damon Patrick Toey pleaded guilty to his role. The 11 defendants were formally charged last month. Three are from the U.S., one from Estonia, three from the Ukraine, two from the People's Republic of China, and one from Belarus. Another man involved used an alias and his whereabouts are unknown.
In March 2007, TJX, the parent company of T.J. Maxx and Marshall's, said 45.7 million accounts were compromised over nearly a two-year period. The company believed the hackers gained access to millions of credit card and debit card numbers through inadequately protected Wi-Fi networks, and then put the numbers up for sale.