American Greed S05E40 Hackers Operation Get Rich or Die Tryin' HuluRIP ~IPASuperior

Edit subtitles

0:00 - 0:03
0:03 - 0:05

[MUSIC PLAYING]
0:05 - 0:08

NARRATOR (STACY KEACH): In
this episode of American Greed,
0:08 - 0:12

it's called Operation
Get Rich or Die Trying.
0:12 - 0:14

NEWS ANCHOR: The biggest
ID theft in US history.
0:14 - 0:17

NARRATOR: A mysterious
ring of social outcasts
0:17 - 0:20

with an insatiable
appetite for sex, drugs,
0:20 - 0:23

and your encrypted information.
0:23 - 0:24

CHRIS ROBERTS: There's
a very fine line
0:24 - 0:28

between exploiting a
system to check it out
0:28 - 0:30

or exploiting a system for gain.
0:30 - 0:32

PETER GANNON: They were
looking for data any way
0:32 - 0:33

they could get it.
0:33 - 0:35

NARRATOR: They steal
credit card numbers
0:35 - 0:38

and make a fortune by selling
them on the black market.
0:38 - 0:41

KIMBERLY KIEFER PERETTI: It
just kept building upon itself.
0:41 - 0:43

500,000 numbers, then
a million numbers,
0:43 - 0:46

up to 130 million numbers.
0:46 - 0:48

SABRINA RUBIN ERDELY: You or I
might be a victim of this crime
0:48 - 0:50

and we would never know.
0:50 - 0:55

NARRATOR: Victims lose millions,
but no one paid a greater price
0:55 - 0:57

than one of the gang's own.
0:57 - 0:59

SABRINA RUBIN ERDELY: He just
cracked under the pressure.
0:59 - 1:01

[MUSIC PLAYING]
1:01 - 1:13
1:13 - 1:16

NARRATOR: In May 2008,
federal agents in full SWAT
1:16 - 1:19

gear fan out across
South Florida.
1:19 - 1:22

They raid private homes,
condos, even a suite
1:22 - 1:25

at Miami's posh National Hotel.
1:25 - 1:28

PETER GANNON: We received
multiple search warrants
1:28 - 1:32

for numerous houses, cars,
for safety deposit boxes,
1:32 - 1:34

for servers, even
individuals in case
1:34 - 1:37

they had possessed thumb
drives or PDA in their pockets
1:37 - 1:38

or in their backpacks.
1:38 - 1:41

NARRATOR: Agents seized
more than a dozen computers
1:41 - 1:45

and obtained search warrants
for servers overseas.
1:45 - 1:47

On those servers,
they find millions
1:47 - 1:48

of credit card numbers.
1:48 - 1:50

KIMBERLY KIEFER
PERETTI: Their victims
1:50 - 1:54

were a whole range from
small banks and credit unions
1:54 - 1:57

to some of the
largest retailers,
1:57 - 2:00

well-known restaurant chains,
and some of the largest credit
2:00 - 2:02

card processors in
the United States.
2:02 - 2:04

NARRATOR: The
scheme's mastermind
2:04 - 2:06

is 26-year-old Albert Gonzalez.
2:06 - 2:08

SABRINA RUBIN ERDELY:
The problem with hackers
2:08 - 2:11

is that those who might
be inclined to try
2:11 - 2:13

to make some money
off of their skills
2:13 - 2:15

is that they don't know anything
about the criminal underworld,
2:15 - 2:18

and the criminal underworld
may not know that much about
2:18 - 2:19

hacking, but he could
bridge both worlds.
2:19 - 2:21

KIMBERLY KIEFER
PERETTI: I've always
2:21 - 2:25

thought of him as a forerunner,
sort of criminal industry
2:25 - 2:27

pioneer in this whole area
2:27 - 2:29

NARRATOR: For
Gonzalez, who also goes
2:29 - 2:34

by the handles soupnazi,
cumbajohnny, and segvec,
2:34 - 2:36

anonymity is key.
2:36 - 2:38

CHRIS ROBERTS: Most individuals
will have more than one handle.
2:38 - 2:40

So on one particular
forum, you'll
2:40 - 2:41

be known as a
certain individual,
2:41 - 2:44

on another forum you'll be
known as something else.
2:44 - 2:45

In some places,
you'll have a number.
2:45 - 2:48

It will be a sequence number
or a non-sequence number
2:48 - 2:49

depending upon
what you're doing.
2:49 - 2:52

PETER GANNON: These criminals
can communicate to one another
2:52 - 2:53

anonymously.
2:53 - 2:54

So a lot of times
the co-conspirators
2:54 - 2:56

may not know each
other in real life,
2:56 - 2:59

but they communicate
via instant messaging
2:59 - 3:02

and they can assist each
other in their crimes.
3:02 - 3:06

NARRATOR: But Gonzalez
is no ordinary criminal.
3:06 - 3:09

He'll soon be known as the
most cunning cyber crook
3:09 - 3:10

in American history.
3:10 - 3:13
3:13 - 3:17

Albert Gonzalez spends his
childhood in South Florida.
3:17 - 3:20

SABRINA RUBIN ERDELY: His
father came to America from Cuba
3:20 - 3:25

on a homemade raft in the
1970s, and they raised him
3:25 - 3:28

in a working class
neighborhood in Miami.
3:28 - 3:30

NARRATOR: Gonzalez
earns allowance
3:30 - 3:32

working for his father's
landscaping business.
3:32 - 3:34

SABRINA RUBIN ERDELY:
Albert grew up
3:34 - 3:37

in a very politically
conservative home,
3:37 - 3:41

church going Catholics in a
working class environment.
3:41 - 3:46

And he was a very sweet,
good natured boy, outgoing.
3:46 - 3:50

But all that changed when
Albert was about 12 years old
3:50 - 3:53

and he bought his
first computer.
3:53 - 3:56

NARRATOR: At first, his
hobby seems innocent enough.
3:56 - 3:58

SABRINA RUBIN ERDELY: He
just absolutely loved it.
3:58 - 4:00

He wanted to spend
all his time with it.
4:00 - 4:03

NARRATOR: But before long,
Gonzalez' fascination
4:03 - 4:06

with computers
becomes an obsession.
4:06 - 4:08

SABRINA RUBIN ERDELY: His
grades started dropping.
4:08 - 4:10

His mom begged him
to see a psychologist
4:10 - 4:13

and he absolutely refused.
4:13 - 4:15

NARRATOR: He falls in with
a group of hackers called
4:15 - 4:17

the Keebler Elves
Gang, and they hack
4:17 - 4:21

into NASA and the Indian
government's website.
4:21 - 4:22

SABRINA RUBIN ERDELY:
It was about being
4:22 - 4:26

able to pick those locks and
get those bragging rights.
4:26 - 4:28

To be able to say,
see, I did this.
4:28 - 4:30

I might just be a
teenager and I might
4:30 - 4:35

be powerless in the real world,
but online I'm like a god.
4:35 - 4:37

NARRATOR: After
graduating in 1999,
4:37 - 4:40

Gonzalez enrolls in
community college.
4:40 - 4:42

SABRINA RUBIN ERDELY:
Albert dropped out
4:42 - 4:44

of Miami Dade Community
College after less than a
4:44 - 4:48

semester and moved to
New York take a job
4:48 - 4:52

with a dot.com company, which
very quickly went under.
4:52 - 4:55

Then he took a job with
Siemens in their IT department,
4:55 - 4:58

but they very quickly
relocated to Pennsylvania
4:58 - 5:01

and he opted not
to move with them.
5:01 - 5:04

NARRATOR: Jobless, he
begins dabbling in drugs
5:04 - 5:06

and illegal online activity.
5:06 - 5:08

SABRINA RUBIN ERDELY:
He was in New York sort
5:08 - 5:10

of feeling like he
had hit rock bottom
5:10 - 5:12

and not really knowing
what his options were.
5:12 - 5:15

What he did know was that he
was really good at hacking
5:15 - 5:19

and he had access to this
internet carding forum
5:19 - 5:22

that he was well aware
of called ShadowCrew,
5:22 - 5:26

and that seemed like as
good a career option as any.
5:26 - 5:29

NARRATOR: In 2002, black
market carding websites
5:29 - 5:32

like ShadowCrew are
beginning to crop up.
5:32 - 5:34

PETER GANNON: You
go to these forums,
5:34 - 5:37

you can buy or sell credit
and debit card information.
5:37 - 5:40

You can buy access to retailers.
5:40 - 5:42

You can even hire people
to launder your money off
5:42 - 5:44

of these web pages.
5:44 - 5:46

KIMBERLY KIEFER PERETTI:
These carding forums
5:46 - 5:50

have no boundaries, and
criminals from every continent
5:50 - 5:53

join them and
participate in them.
5:53 - 5:55

NARRATOR: Using the
alias cumbajohnny,
5:55 - 5:59

Gonzalez quickly becomes a
ShadowCrew site administrator.
5:59 - 6:03

He helps crooks sell more
than a million stolen cards
6:03 - 6:06

for between $10 and $15 apiece.
6:06 - 6:07

CHRIS ROBERTS: It's millions.
6:07 - 6:09

I mean, we're not
talking about somebody
6:09 - 6:11

making a couple of thousand
or $5,000, $10,000, $15,000.
6:11 - 6:14

We're talking about millions
and millions of dollars.
6:14 - 6:16

KIMBERLY KIEFER PERETTI:
If they steal a debit card
6:16 - 6:18

number and a pin, then
they can re-encode
6:18 - 6:21

that on white plastic,
walk up to an ATM,
6:21 - 6:25

put the pin in, and
clean out the account.
6:25 - 6:29

NARRATOR: ShadowCrew members
call these cash out trips.
6:29 - 6:32

PETER GANNON: Once that ATM is
out, you go to the next one.
6:32 - 6:33

And you continue to
do that until you're
6:33 - 6:37

either out of cards or
the ATMs are out of money.
6:37 - 6:39

NARRATOR: It's a cash
out trip that would
6:39 - 6:42

be Gonzalez' unlikely downfall.
6:42 - 6:45

In 2003, New York
police officers
6:45 - 6:48

see a young man
loading card after card
6:48 - 6:49

into a nearby ATM machine.
6:49 - 6:53
6:53 - 6:55

During the arrest,
officers discovered
6:55 - 6:58

he is cyber criminal
Albert Gonzalez,
6:58 - 7:00

and they turn him over
to the Secret Service.
7:00 - 7:02

SABRINA RUBIN ERDELY:
The Secret Service
7:02 - 7:05

is responsible for
investigating cyber crime,
7:05 - 7:09

and they very quickly
recognized Albert's potential
7:09 - 7:12

in helping them to bust
other cyber criminals.
7:12 - 7:15

SETH KOSTO: There are places
that a cooperating defendant
7:15 - 7:18

in the cyber world can bring you
that you can't go on your own,
7:18 - 7:22

and that is the value
of working with them.
7:22 - 7:24

NARRATOR: The Secret Service
flips Gonzalez and pays him
7:24 - 7:28

$75 grand a year to help
with Operation Firewall.
7:28 - 7:29

KIMBERLY KIEFER
PERETTI: It wasn't as
7:29 - 7:31

if we were all sitting
around a table together
7:31 - 7:34

and he was sharing,
hearing, understanding
7:34 - 7:36

our strategies, our techniques.
7:36 - 7:39

His role was to continue
as administrator
7:39 - 7:42

of the site typing
on a computer,
7:42 - 7:44

communicating with
these individuals.
7:44 - 7:46

NARRATOR: The successful
undercover sting
7:46 - 7:48

nets 28 ShadowCrew members.
7:48 - 7:51

KIMBERLY KIEFER PERETTI: It
was a benchmark investigation,
7:51 - 7:53

benchmark prosecution,
and everything
7:53 - 7:55

was new every step of the way.
7:55 - 7:57

REPORTER: Authorities say
the thieves they arrested
7:57 - 8:01

had cost more than
$4 million in losses.
8:01 - 8:03

NARRATOR: After
Operation Firewall,
8:03 - 8:08

the Secret Service cuts Gonzalez
loose and he returns to Miami.
8:08 - 8:11

Once a hacker, always a hacker.
8:11 - 8:13

SABRINA RUBIN ERDELY: Legitimacy
for him was not really
8:13 - 8:15

an option at that point.
8:15 - 8:17

Because Albert
had gained so much
8:17 - 8:20

insight while
working for the Feds,
8:20 - 8:24

and he was not a person
to pass on an opportunity.
8:24 - 8:26

NARRATOR: Next on
American Greed,
8:26 - 8:30

Gonzalez forms his own gang
with a plan to make millions.
8:30 - 8:32

SABRINA RUBIN ERDELY: He
called it Operation Get
8:32 - 8:34

Rich or Die Trying.
8:34 - 8:36

It certainly was a
very ominous title,
8:36 - 8:38

and it certainly foreshadowed
what was to come.
8:38 - 8:42

[MUSIC PLAYING]
8:42 - 8:54
8:54 - 8:56

NARRATOR: Miami, Florida.
8:56 - 8:59

It's a playground for
the world's wealthiest
8:59 - 9:01

and for those
aspiring to have it
9:01 - 9:06

all, like 23-year-old
hacker, Albert Gonzalez.
9:06 - 9:09

In October 2004,
Gonzalez turns rat
9:09 - 9:12

and helps the Secret
Service bring down
9:12 - 9:16

ShadowCrew, the biggest
cyber crime bust to date.
9:16 - 9:19

But all the while,
he's plotting Operation
9:19 - 9:20

Get Rich or Die Trying.
9:20 - 9:21

SABRINA RUBIN
ERDELY: I think it's
9:21 - 9:25

safe to say the Secret Service
had no idea that Albert
9:25 - 9:27

was playing both sides.
9:27 - 9:30

That he was becoming a
master criminal while
9:30 - 9:33

at the same time working
as a snitch for them.
9:33 - 9:35

STEPHEN HEYMANN: His
overall business plan
9:35 - 9:41

was to break into a
series of major retailers,
9:41 - 9:44

obtain their credit and
debit card information,
9:44 - 9:47

and then either to
sell them or, in fact,
9:47 - 9:51

use other members of his
gang to cash them out.
9:51 - 9:55

To go to ATMs and use them
as essentially cows and milk
9:55 - 9:57

them till they were dry.
9:57 - 10:00

NARRATOR: Gonzalez enlist
the help of several hackers
10:00 - 10:02

he'd met online years before.
10:02 - 10:03

KIMBERLY KIEFER PERETTI:
They started off
10:03 - 10:06

as teenage friends trying
to get into government
10:06 - 10:10

sites, military sites,
and very quickly that
10:10 - 10:14

changed from hacking
for fun and curiosity
10:14 - 10:16

to hacking for profit.
10:16 - 10:18

STEPHEN HEYMANN: A number
of the collaborators
10:18 - 10:24

of Albert Gonzalez had
significant day jobs.
10:24 - 10:27

They were doing
security intrusion work
10:27 - 10:30

earning tens of thousands
or, at least one case,
10:30 - 10:34

in excess of $100,000
a year in salary.
10:34 - 10:38

NARRATOR: Stephen Watt,
Patrick Tooey, Chris Scott,
10:38 - 10:42

and Jonathan James become
Gonzalez' Hack Pack.
10:42 - 10:46

SABRINA RUBIN ERDELY: Stephen
Watt was a coding genius.
10:46 - 10:48

He graduated from
high school at 16.
10:48 - 10:51

He graduated from
college at age 19
10:51 - 10:55

and went on to take a job in
the IT Department of Morgan
10:55 - 10:57

Stanley, the Wall Street
investment banking
10:57 - 11:00

firm in Manhattan.
11:00 - 11:03

NARRATOR: Gonzalez meets Patrick
Tooey on a ShadowCrew cash
11:03 - 11:06

out trip in 2003.
11:06 - 11:08

SABRINA RUBIN ERDELY:
He came from a household
11:08 - 11:09

with a shifting
cast of characters
11:09 - 11:13

and had turned to hacking
as a way to kind of funnel
11:13 - 11:17

his alienation, his rage.
11:17 - 11:18

Patrick would do
anything that Albert
11:18 - 11:22

asked, from the coding to the
cash out trips and anything
11:22 - 11:23

in between.
11:23 - 11:26

He probably would have picked
up Alpert's dry cleaning
11:26 - 11:26

if he asked him to.
11:26 - 11:29

NARRATOR: Chris Scott
and Jonathan James
11:29 - 11:31

round out the gang.
11:31 - 11:32

SABRINA RUBIN
ERDELY: Chris Scott
11:32 - 11:38

was a depressed,
overweight geek from Miami
11:38 - 11:41

who had been ejected
from his high school
11:41 - 11:45

for disabling all of the
computers with a virus.
11:45 - 11:47

Chris' greatest
strength was probably
11:47 - 11:50

that he was best friends
with Jonathan James, who
11:50 - 11:54

was probably the most
famous hacker at the time.
11:54 - 11:56

He was very well known.
11:56 - 12:00

NARRATOR: At 16, Jonathan
James stakes his claim to fame
12:00 - 12:02

by serving six
months for hacking
12:02 - 12:06

into NASA and Defense
Department computers,
12:06 - 12:09

becoming the youngest
hacker ever sentenced.
12:09 - 12:12

Together, Gonzalez and his
crew become a tight knit band
12:12 - 12:13

of brothers.
12:13 - 12:15

STEPHEN HEYMANN:
These guys are driven
12:15 - 12:19

by a lot of the same things
that we're driven by.
12:19 - 12:24

They have an ego, they like
challenge, and, of course,
12:24 - 12:28

they like money and everything
you can get from money.
12:28 - 12:30

NARRATOR: Operation
Get Rich starts small
12:30 - 12:33

using a technique
called war driving.
12:33 - 12:35

CHRIS ROBERTS: So
we've just gone
12:35 - 12:40

by a really nice place that
was not very well encrypted.
12:40 - 12:41

NARRATOR: Chris
Roberts is a gray hat
12:41 - 12:45

hacker, an internet security
expert specializing in fraud.
12:45 - 12:47

CHRIS ROBERTS: As we're
driving along here,
12:47 - 12:50

we're still pulling in
a lot of wireless access
12:50 - 12:51

points, a lot of systems.
12:51 - 12:54

Some are encrypted, some
aren't very well encrypted.
12:54 - 12:58

And we've pulled in 800 access
points and almost 500 computers
12:58 - 13:01

and systems that are
attached to them.
13:01 - 13:03

NARRATOR: Like
Roberts, the Hack Pack
13:03 - 13:08

uses a Wi-Fi antenna to find
unencrypted or vulnerable
13:08 - 13:09

networks.
13:09 - 13:10

CHRIS ROBERTS: We're
able to just listen
13:10 - 13:13

in and see what kind of wireless
systems are advertising.
13:13 - 13:14

No different than a radio.
13:14 - 13:17

As you drive along with a
radio, you go in and out
13:17 - 13:18

of signal strengths.
13:18 - 13:21

This is basically
the same thing.
13:21 - 13:23

NARRATOR: Chris Scott
and Jonathan James
13:23 - 13:27

tune into one store at a
time along US-1 in Miami.
13:27 - 13:28

CHRIS ROBERTS:
They'll have pulled
13:28 - 13:32

into every single one of these
retail areas, slowly driven
13:32 - 13:36

through to see what wireless
access points were advertising,
13:36 - 13:38

and to see which
ones were encrypted
13:38 - 13:40

or which ones were
not encrypted.
13:40 - 13:41

SABRINA RUBIN
ERDELY: The first one
13:41 - 13:46

that they found was a BJ's
Wholesale Club where they
13:46 - 13:51

parked outside and downloaded
all of the credit and debit
13:51 - 13:56

card numbers as they were
being swiped by the customers.
13:56 - 13:58

NARRATOR: Gonzalez
forwards thousands
13:58 - 14:01

of card numbers to Patrick
Tooey and other associates.
14:01 - 14:02

CHRIS ROBERTS: So at
that point in time,
14:02 - 14:05

you need a little device, which
is a card reader and a writer,
14:05 - 14:08

and you'll also need
some blank credit cards.
14:08 - 14:12

NARRATOR: They then encode
the information onto blanks,
14:12 - 14:15

and runners cashed
them out at ATMs.
14:15 - 14:17

Gonzalez, who was
raised a Catholic,
14:17 - 14:20

feels a slight twinge of guilt.
14:20 - 14:22

SABRINA RUBIN ERDELY:
He told Patrick,
14:22 - 14:25

we're going to hell for
this, and he really meant it.
14:25 - 14:28

But he made himself feel
better by telling himself
14:28 - 14:29

that once the
fraud was detected,
14:29 - 14:33

then the credit card companies
would restore people's money
14:33 - 14:34

and all would be fine.
14:34 - 14:39

NARRATOR: But war driving
and cashing out is risky.
14:39 - 14:41

CHRIS ROBERTS: I physically
have to put myself in a position
14:41 - 14:43

where I might be videotaped.
14:43 - 14:45

I might be caught on
a surveillance camera.
14:45 - 14:47

Somebody might be clever
enough to work out
14:47 - 14:49

that these stores
are getting hit.
14:49 - 14:50

STEPHEN HEYMANN:
Albert Gonzalez himself
14:50 - 14:53

had learned that cashing out
was a dangerous mechanism
14:53 - 14:57

because he himself had been
arrested while cashing out.
14:57 - 14:59

NARRATOR: Gonzalez knows
there's a better way
14:59 - 15:01

to generate higher volume
with less exposure.
15:01 - 15:05

KIMBERLY KIEFER PERETTI: He's
associating with elite carders
15:05 - 15:07

and hackers in Eastern
Europe and other places,
15:07 - 15:09

so he's trying to
refine his techniques
15:09 - 15:13

and make them even
better and less risky.
15:13 - 15:14

NARRATOR: To do
this, Gonzalez needs
15:14 - 15:18

a program called a sniffer
code, which he lacks
15:18 - 15:20

the technical skills to write.
15:20 - 15:22

CHRIS ROBERTS: That
program then, on its own,
15:22 - 15:24

will look around your computer.
15:24 - 15:26

It will look around
for your social,
15:26 - 15:27

it will look around
for your credit cards,
15:27 - 15:29

it will look around for
your banking information.
15:29 - 15:31

Basically whatever I've
programmed it to do.
15:31 - 15:33

And then it will call
back to me and say,
15:33 - 15:34

here's all your information.
15:34 - 15:36

Have a nice day.
15:36 - 15:38

NARRATOR: Gonzalez
calls on Stephen Watt,
15:38 - 15:41

who fires off the code in
10 hours, free of charge.
15:41 - 15:43

SABRINA RUBIN ERDELY:
And it was really
15:43 - 15:47

the key to this being the
cyber crime of the century.
15:47 - 15:50

NARRATOR: Once the
sniffer code is installed,
15:50 - 15:54

they can access, copy, and
download data remotely,
15:54 - 15:55

and it starts to pour in.
15:55 - 15:57

CHRIS ROBERTS:
Obviously, when you're
15:57 - 15:59

attacking a system, when
you're gathering data,
15:59 - 16:01

you need somewhere to
put this information.
16:01 - 16:03

You're not going to want to
put it right on your computer
16:03 - 16:06

because if your computer gets
lost, stolen, taken, or seized,
16:06 - 16:09

you just handed somebody
a huge amount of evidence.
16:09 - 16:13

NARRATOR: Gonzalez needs a
safe place to stash the data.
16:13 - 16:14

SABRINA RUBIN
ERDELY: Patrick Tooey
16:14 - 16:19

had set up servers in Latvia,
Singapore, China, and Ukraine
16:19 - 16:23

to store all of these reams
and reams, mountains of data.
16:23 - 16:26

NARRATOR: But in storage, the
numbers near their expiration
16:26 - 16:29

dates and they
diminish in value,
16:29 - 16:32

so he calls on an
international crime lord
16:32 - 16:34

to expedite distribution.
16:34 - 16:37

PETER GANNON: Maksym Yastremskiy
is the Ukrainian national
16:37 - 16:40

who was the biggest wholesaler
of credit and debit cards
16:40 - 16:42

around the world.
16:42 - 16:44

NARRATOR: Yastremskiy
sells the card numbers
16:44 - 16:50

for between $150 and $300 a pop,
of which Gonzalez takes half.
16:50 - 16:52

PETER GANNON: Yastremskiy
would sell those cards
16:52 - 16:54

via the internet
or in these carding
16:54 - 16:58

forms or portals to
other lower level sales
16:58 - 17:00

people, who would then turn
around and sell them again.
17:00 - 17:02

NARRATOR: Yastremskiy
Distributes the profits
17:02 - 17:06

to Gonzalez through
online currency exchanges.
17:06 - 17:11

Soon, packages
containing up to $370,000
17:11 - 17:13

are piling up at
Gonzalez' dropbox.
17:13 - 17:14

SABRINA RUBIN
ERDELY: He actually
17:14 - 17:18

complained to Stephen Watt that
once his money counter broke
17:18 - 17:21

from overuse, and he complained
that he had to count, manually,
17:21 - 17:24

$340,000.
17:24 - 17:27

NARRATOR: By the summer
of 2005, Gonzalez
17:27 - 17:30

begins to indulge in his new
lifestyle as a mini mogul.
17:30 - 17:32

SABRINA RUBIN ERDELY: It
was completely over-the-top.
17:32 - 17:35

I would say much of the
profits from Operation Get Rich
17:35 - 17:38

or Die Trying went
right up their noses.
17:38 - 17:41

NARRATOR: Gonzalez and his
crew book a $5,000 a night
17:41 - 17:44

suite at the Loews
Hotel in South Beach.
17:44 - 17:46

SABRINA RUBIN ERDELY:
When they were in Miami,
17:46 - 17:49

they would make this
insane concoction called
17:49 - 17:53

a magic milkshake, which was
cookies and cream Haagen-Dazs
17:53 - 17:58

ice cream, skim milk,
magic mushrooms, LSD,
17:58 - 18:02

and ecstasy all blended
together to create
18:02 - 18:08

just the most extreme,
insane experience ever.
18:08 - 18:12

NARRATOR: Gonzalez also throws
himself an extravagant party
18:12 - 18:15

to celebrate his birthday
in New York City.
18:15 - 18:17

SABRINA RUBIN ERDELY:
They would lay out a drug
18:17 - 18:19

buffet on the coffee table.
18:19 - 18:23

So C for coke, E for ecstasy.
18:23 - 18:26

They had the best champagne,
they had the best designer
18:26 - 18:29

drugs, they had the most
beautiful women there.
18:29 - 18:32

It was like life as
they would design it.
18:32 - 18:35

NARRATOR: Despite this
drug fueled lifestyle,
18:35 - 18:38

Gonzalez never loses
control of his business.
18:38 - 18:40

SABRINA RUBIN ERDELY:
He was always reachable.
18:40 - 18:42

He slept with his
laptop next to him.
18:42 - 18:46

He brought his laptop with
him on vacation, to the gym.
18:46 - 18:49

He always had it with him.
18:49 - 18:52

NARRATOR: Next on American
Greed, Operation Get Rich
18:52 - 18:55

or Die Trying gets
more sophisticated
18:55 - 18:57

and the hackers up the ante.
18:57 - 18:59

SABRINA RUBIN ERDELY: The
idea that these guys were
18:59 - 19:03

able to slip past all of these
levels of internet security
19:03 - 19:04

was just incredible.
19:04 - 19:08

NARRATOR: And the hackers
take one company to the brink.
19:08 - 19:09

BOB CARR: What do
you do when you're
19:09 - 19:11

facing the worst
possible thing that
19:11 - 19:13

can happen to your company?
19:13 - 19:16

[MUSIC PLAYING]
19:16 - 19:26
19:26 - 19:29

NARRATOR: By 2005, Albert
Gonzalez and his crew
19:29 - 19:33

had successfully hacked into
several retailers along US-1
19:33 - 19:35

in South Florida.
19:35 - 19:39

These big box stores send data
to corporate servers, which
19:39 - 19:42

Gonzalez knows is
the real gold mine.
19:42 - 19:44

CHRIS ROBERTS: It's very
much a case of well, hang on.
19:44 - 19:47

If I can do it to these couple
of individuals in a store
19:47 - 19:51

or if I can do it to
these couple of stores,
19:51 - 19:53

can I do it to more stores?
19:53 - 19:55

Can I do it to a
series of stores?
19:55 - 19:57

Can I do it to a bigger store?
19:57 - 19:59

And then you go to,
can I actually get
19:59 - 20:00

the core centralized system?
20:00 - 20:01

And then it's like, wow, OK.
20:01 - 20:04

If I can get the core system,
who processes all the data?
20:04 - 20:06

I can go for the mother
lode at that point.
20:06 - 20:09

NARRATOR: He orders his crew
to perform reconnaissance
20:09 - 20:11

on potential targets.
20:11 - 20:13

STEPHEN HEYMANN: They identified
them in a variety of ways.
20:13 - 20:16

Christopher Scott simply
going up and down Route 1
20:16 - 20:19

with his computer, seeing where
there were vulnerable access
20:19 - 20:20

points.
20:20 - 20:23

Going down the list of
Fortune 500 companies,
20:23 - 20:27

identifying companies that
shared a common credit card
20:27 - 20:30

processing system, or
identifying ones that
20:30 - 20:33

had vulnerable payment systems.
20:33 - 20:35

PETER GANNON: So walk in,
maybe make a purchase,
20:35 - 20:38

or just walk in and look to see
what point of sales terminal
20:38 - 20:40

the stores were using so
they could reverse engineer
20:40 - 20:43

how to break in to
the corporate networks
20:43 - 20:46

through these different
point of sales terminals.
20:46 - 20:49

NARRATOR: That July,
they hit TJX Companies,
20:49 - 20:53

the publicly traded parent
of Marshalls and TJ Maxx.
20:53 - 20:54

STEPHEN HEYMANN:
Christopher Scott
20:54 - 20:57

breaks into two vulnerable
wireless access points
20:57 - 21:01

at two Marshall's stores
along Route 1 in Florida.
21:01 - 21:04

Within a matter of weeks,
he's able to move from there
21:04 - 21:09

into one of the major payment
card processing servers
21:09 - 21:10

that TJX is using.
21:10 - 21:12

CHRIS ROBERTS: You have
access, at that point in time,
21:12 - 21:13

to the corporate site.
21:13 - 21:15

Because now you have
all of these stores
21:15 - 21:18

are sending their daily, weekly,
monthly batches all the way up
21:18 - 21:20

to the corporate location.
21:20 - 21:23

NARRATOR: Chris Scott,
Gonzalez' foot soldier,
21:23 - 21:25

explores the network.
21:25 - 21:28

STEPHEN HEYMANN: He gets
increasing amounts of rights
21:28 - 21:30

or privileges to move
around the system
21:30 - 21:35

and discovers a storage
location that has 40 or 50
21:35 - 21:37

million payment card numbers.
21:37 - 21:40

NARRATOR: They download
that batch of data,
21:40 - 21:42

but Gonzalez isn't satisfied.
21:42 - 21:46

He wants access to all the
numbers coming in to TJX,
21:46 - 21:49

not just the numbers
in the storage.
21:49 - 21:53

In May 2006, Chris Scott
installs and configures
21:53 - 21:55

a VPN, or virtual
Private Network.
21:55 - 21:57

SABRINA RUBIN
ERDELY: Albert's crew
21:57 - 21:59

had set up a virtual
private network, which
21:59 - 22:03

is a secure connection
between TJX's server
22:03 - 22:04

and one of Albert's servers.
22:04 - 22:07

So whenever they wanted to,
they could just tap that keg,
22:07 - 22:10

open up the connection, and
let the data stream from
22:10 - 22:14

TJX's server right
onto Albert's.
22:14 - 22:17

NARRATOR: Scott then
installs a sniffer code,
22:17 - 22:20

the program that copies numbers
while they're being processed.
22:20 - 22:21

STEPHEN HEYMANN: It
turns out that there's
22:21 - 22:26

a very tiny window of time
when the credit and debit card
22:26 - 22:28

numbers aren't being
encrypted, when
22:28 - 22:31

it happens to be in the open
as it's being processed,
22:31 - 22:34

and it's during that period
that they make a photocopy of it
22:34 - 22:37

all for themselves.
22:37 - 22:41

NARRATOR: Using the
handle 201679996,
22:41 - 22:45

Gonzalez instant messages
Maksym Yastremskiy,
22:45 - 22:48

his Ukrainian partner in crime.
22:48 - 22:50

In that chat, he mentions
the sniffer code.
22:50 - 22:55

Soon Yastremskiy could
expect more data.
22:55 - 22:57

Business is booming
for Gonzalez,
22:57 - 23:00

whose crew downloads
more than 45 million card
23:00 - 23:02

numbers through December 2006.
23:02 - 23:04

SABRINA RUBIN ERDELY:
If you shopped
23:04 - 23:07

at any of these retail stores
during that period of time,
23:07 - 23:09

there's a very good chance
that your credit card or debit
23:09 - 23:11

card was compromised.
23:11 - 23:14

NARRATOR: That Christmas, more
than 18 months after Gonzalez'
23:14 - 23:19

crew first hit TJX, the retail
giant detects suspicious
23:19 - 23:21

software on its systems.
23:21 - 23:24

Alarm bells sound, and the
Feds begin to investigate.
23:24 - 23:25

KIMBERLY KIEFER
PERETTI: We didn't
23:25 - 23:28

know if it was
one individual, it
23:28 - 23:31

was several different groups
doing these compromises.
23:31 - 23:33

STEPHEN HEYMANN: What did
we know from the forensics
23:33 - 23:34

as to where it was going?
23:34 - 23:37

Did it look like anybody
else that we'd ever seen?
23:37 - 23:41

All of these things were being
carefully followed out wholly,
23:41 - 23:45

I'm embarrassed to
say, unsuccessfully.
23:45 - 23:48

NARRATOR: By January
2007, Gonzalez
23:48 - 23:51

has pulled in more than 45
million credit and debit card
23:51 - 23:54

numbers from TJX and
he decides to get out
23:54 - 23:57

of the corporate system,
but trouble is beginning
23:57 - 23:59

to brew half a world away.
23:59 - 24:01

STEPHEN HEYMANN:
The Secret Service
24:01 - 24:04

had been conducting a totally
separate and totally unrelated
24:04 - 24:07

investigation into
Maksym Yastremskiy
24:07 - 24:12

for his international sale of
credit and debit card numbers.
24:12 - 24:15

NARRATOR: Turkish authorities
arrest Maksym Yastremskiy
24:15 - 24:16

that July.
24:16 - 24:19

STEPHEN HEYMANN: That
leads to the seizure
24:19 - 24:24

of a laptop computer, which
the Turks provide to the Secret
24:24 - 24:24

Service.
24:24 - 24:26

SABRINA RUBIN ERDELY: When
they opened up this computer,
24:26 - 24:30

they found all kinds of
things, including lots of chat
24:30 - 24:34

logs with an American who
went by an obscure string
24:34 - 24:36

of numbers.
24:36 - 24:42

STEPHEN HEYMANN: 201679996 is
passing on a piece of software
24:42 - 24:48

and says it's one that I
modified for use in TJX.
24:48 - 24:52

And that starts the
investigation of who 201 is
24:52 - 24:56

and how Maksym
Yastremskiy relates to TJX
24:56 - 24:59

and to other investigations.
24:59 - 25:00

NARRATOR: They
find further chats
25:00 - 25:03

about a breach of
Dave and Busters,
25:03 - 25:04

the entertainment chain.
25:04 - 25:06

PETER GANNON: Maksym
Yastremskiy said
25:06 - 25:10

he had another hacker who
was into a company named
25:10 - 25:12

D&B in the United States.
25:12 - 25:14

NARRATOR: Yastremskiy
had asked 201
25:14 - 25:18

to provide a sniffer code to
capture Dave and Busters credit
25:18 - 25:19

card data.
25:19 - 25:21

PETER GANNON: That sniffer
program with the same sniffer
25:21 - 25:23

that was utilized
in the TJX hacks,
25:23 - 25:28

so that was our first
clue that 20167996 may
25:28 - 25:30

have been involved with TJX.
25:30 - 25:33

NARRATOR: The Feds follow
these leads for months, just
25:33 - 25:38

as Gonzalez heads into the final
phase of Operation Get Rich.
25:38 - 25:41

With Yastremskiy
behind bars, Gonzalez
25:41 - 25:44

decides to keep a closer
eye on his associates,
25:44 - 25:46

especially Patrick Tooey,
his right hand man.
25:46 - 25:48

SABRINA RUBIN ERDELY: It
was more important than ever
25:48 - 25:51

that he exert as much
control as possible
25:51 - 25:53

over all of the variables.
25:53 - 25:55

NARRATOR: In August,
Gonzalez moves Tooey
25:55 - 25:57

into his Miami condo.
25:57 - 25:59

It's a far cry from
the hotel suites
25:59 - 26:01

they've partied in before.
26:01 - 26:02

SABRINA RUBIN ERDELY:
It was a dump.
26:02 - 26:05

In part, it was because he
wanted to live under the radar,
26:05 - 26:08

because he understood from his
experience with law enforcement
26:08 - 26:10

that spending money is one of
those things that gives you
26:10 - 26:11

away.
26:11 - 26:11

KIMBERLY KIEFER
PERETTI: It's different,
26:11 - 26:13

though, from some
of the hackers we've
26:13 - 26:15

seen in Eastern Europe where
they'll buy a restaurant,
26:15 - 26:18

they'll buy a housing
project or complex, they'll
26:18 - 26:21

buy million dollar apartments.
26:21 - 26:22

That wasn't this crew here.
26:22 - 26:25

They might buy a
few nice computers
26:25 - 26:28

or recreational
items, but they're not
26:28 - 26:31

living in the million dollar
apartments in Manhattan.
26:31 - 26:33

NARRATOR: By late
fall, operation
26:33 - 26:37

get rich progresses from war
driving to more complicated web
26:37 - 26:39

based hacks.
26:39 - 26:42

Gonzalez conspires with
Tooey and two Russians
26:42 - 26:44

to commit a series of
other intrusions using
26:44 - 26:48

a diabolical plan known
as a SQL injection attack.
26:48 - 26:50

KIMBERLY KIEFER PERETTI:
A SQL injection attack
26:50 - 26:56

is an internet based attack on a
website that's database driven.
26:56 - 26:58

So the most important
difference is
26:58 - 27:01

you don't need that
physical proximity anymore
27:01 - 27:04

to conduct these types of
remote hacks into systems.
27:04 - 27:09

You can be sitting in India
and do a SQL injection
27:09 - 27:14

internet based attack on a
computer system in California.
27:14 - 27:17

NARRATOR: Coming up, Gonzalez
and his co-conspirators
27:17 - 27:21

go to the mother lode and
target a credit card processing
27:21 - 27:23

company, their
biggest prize yet.
27:23 - 27:25

STEPHEN HEYMANN: They
were in a position
27:25 - 27:31

to access tens of millions of
payment card numbers quickly,
27:31 - 27:33

and that was a golden goose.
27:33 - 27:36

CHRIS ROBERTS: To the hackers,
the credit card processing
27:36 - 27:38

company, it's like the holy
grail at that point in time.
27:38 - 27:41
27:41 - 27:44

[MUSIC PLAYING]
27:44 - 27:46
27:46 - 27:50

NARRATOR: By December 2007,
Operation Get Rich or Die
27:50 - 27:54

Trying has entered its
most ambitious phase yet.
27:54 - 27:56

Albert Gonzalez and
his conspirators
27:56 - 27:59

target several companies,
including Heartland Payment
27:59 - 28:03

Systems, one of the world's
largest payment processors.
28:03 - 28:07

BOB CARR: We process for about
250,000 locations in America
28:07 - 28:11

and a few in Canada,
and we process about 4
28:11 - 28:13

billion transactions a year.
28:13 - 28:16

NARRATOR: Bob Carr is
the founder, chairman,
28:16 - 28:20

and chief executive officer
of Heartland Payment Systems.
28:20 - 28:21

BOB CARR: There's
no doubt that people
28:21 - 28:24

who process billions
of transactions
28:24 - 28:27

are the mother lode of data.
28:27 - 28:28

That's for sure.
28:28 - 28:30

When we were doing our
initial public offering
28:30 - 28:34

in stock on the road show,
the question everyone
28:34 - 28:36

asked is, what keeps
you awake at night?
28:36 - 28:39

And my answer was
always getting breached.
28:39 - 28:41

NARRATOR: But Carr
is totally unaware
28:41 - 28:45

that his worst nightmare
is coming true.
28:45 - 28:48

Gonzalez and Patrick Tooey
invisibly hack into Heartland
28:48 - 28:50

using a SQL injection attack.
28:50 - 28:52

RICHARD WANG: If I were to
walk up to you on the street
28:52 - 28:54

and say, can you
tell me the time?
28:54 - 28:55

You'd tell me the time.
28:55 - 28:57

But if I were to walk up to
you on the street and say,
28:57 - 29:00

can you tell me your name,
address, social security
29:00 - 29:01

number, and mother's
maiden name?
29:01 - 29:02

Then you're not
going to do that.
29:02 - 29:05

You're smart enough to know the
difference between information
29:05 - 29:06

you should give
out and information
29:06 - 29:08

you shouldn't give out.
29:08 - 29:11

Whereas with a website that's
subjected to a SQL injection
29:11 - 29:15

attack, it's not programmed
to correctly recognize
29:15 - 29:16

which commands it
should obey and which
29:16 - 29:18

commands it should ignore.
29:18 - 29:22

NARRATOR: They install a
sniffer code to copy data
29:22 - 29:23

in small, well-timed chunks.
29:23 - 29:25

SETH KOSTO: From
there, it was a matter
29:25 - 29:28

of having that sniffing software
work and send the payment card
29:28 - 29:31

information, the credit and
debit card information out
29:31 - 29:33

to hacking platforms
in foreign countries
29:33 - 29:36

and in the United States
that could be used to receive
29:36 - 29:39

and store the card
data that was stolen,
29:39 - 29:40

but also the malware,
the software that
29:40 - 29:43

was used to sell it.
29:43 - 29:44

NARRATOR: For
months, the hackers
29:44 - 29:46

tap into Heartland's network.
29:46 - 29:47

CHRIS ROBERTS: You
don't want to turn
29:47 - 29:49

the spigot on the
whole way and just
29:49 - 29:50

drain the thing immediately.
29:50 - 29:54

You want to take a little bit
at a time and keep on taking it.
29:54 - 29:57

NARRATOR: They access more
than 130 million credit
29:57 - 29:59

and debit card numbers.
29:59 - 30:02

BOB CARR: These bad guys spent
hours and hours and hours
30:02 - 30:04

for months and months
and months trying
30:04 - 30:07

to figure out and
customize an attack that
30:07 - 30:10

would get through and get
into our payments network,
30:10 - 30:12

and they were able to do that.
30:12 - 30:14

NARRATOR: Back at
the Secret Service,
30:14 - 30:18

agents have been combing through
Maksym Yastremskiy's computer,
30:18 - 30:23

They find chats referring to
someone with the initials CJ.
30:23 - 30:26

KIMBERLY KIEFER PERETTI: CJ
Is short for cumbajohnny,
30:26 - 30:28

which is the name
we had Gonzalez
30:28 - 30:32

use when he was an informant
in Operation Firewall.
30:32 - 30:37

It's a very small connection
very much at the periphery,
30:37 - 30:41

but we had one or two of
those little indications start
30:41 - 30:42

to unravel.
30:42 - 30:44

NARRATOR: They also
learned the Ukrainian crime
30:44 - 30:51

lord has been chatting with a
mysterious American, 201679996,
30:51 - 30:55

who was somehow involved
in the TJX hack.
30:55 - 31:01

STEPHEN HEYMANN: 201679996 is
connected to an email address,
31:01 - 31:05

soupnazi@efnet.ru,
and the Secret Service
31:05 - 31:08

recognizes that
email address as one
31:08 - 31:12

that has been used previously
by Albert Gonzalez.
31:12 - 31:17

For the first time,
there was a major lead.
31:17 - 31:20

NARRATOR: Shock waves rippled
through the Secret Service.
31:20 - 31:22

Is Gonzalez playing both sides?
31:22 - 31:24

SABRINA RUBIN ERDELY: While
Albert is masterminding
31:24 - 31:27

this incredible cyber
crime, he is still working
31:27 - 31:30

as an informant for the Feds.
31:30 - 31:33

NARRATOR: Agents moved quickly
to secure warrants to arrest
31:33 - 31:35

Gonzalez and his crew.
31:35 - 31:39

And by now, Gonzalez knows
the heat is coming down.
31:39 - 31:41

KIMBERLY KIEFER PERETTI: When
you were involved with someone
31:41 - 31:44

that gets arrested, you're
going to be more apprehensive,
31:44 - 31:47

and we had seen in the
chats that 201 person being
31:47 - 31:49

apprehensive about
that situation.
31:49 - 31:54

So he most likely knew from
reading public information
31:54 - 31:59

about our cases, hearing
things, that we were closing in.
31:59 - 32:03

NARRATOR: On May 7, 2008,
after nearly a year long
32:03 - 32:07

investigation, the Feds
go after their informant.
32:07 - 32:09

KIMBERLY KIEFER PERETTI:
These young kids had access
32:09 - 32:12

to documents that would allow
them to immediately flee
32:12 - 32:16

the country, and we were very,
very concerned that Gonzalez
32:16 - 32:18

was going to be one of those.
32:18 - 32:20

And once he was gone, we
would never get him back.
32:20 - 32:23
32:23 - 32:27

NARRATOR: About 150 agents
scour Gonzalez' condo,
32:27 - 32:31

his parents' house, and
several other residences.
32:31 - 32:33

PETER GANNON: From
Gonzalez' condominium,
32:33 - 32:38

there was multiple computers
and media that was seized,
32:38 - 32:41

a large quantity of cash.
32:41 - 32:42

At Gonzalez' parents'
residence, we
32:42 - 32:47

see a number of computers,
documents, a money counter.
32:47 - 32:50

NARRATOR: But Gonzalez
is nowhere to be found.
32:50 - 32:52

KIMBERLY KIEFER PERETTI: When
they arrived at the place where
32:52 - 32:54

they thought Albert
Gonzalez would be,
32:54 - 32:56

at his parents' house or
his girlfriend's house,
32:56 - 33:00

he was neither, and that's
when the panic began.
33:00 - 33:03

NARRATOR: On a tip, they search
a suite at the National Hotel
33:03 - 33:07

in Miami's South Beach, where
they find Gonzalez along
33:07 - 33:14

with two laptops, $22,000 in
cash, and a Glock 27 handgun.
33:14 - 33:16

They arrest Gonzalez
and Christopher Scott
33:16 - 33:17

that same day.
33:17 - 33:19

Patrick Tooey is
arrested soon after.
33:19 - 33:21

SABRINA RUBIN ERDELY:
Patrick knew he was sunk.
33:21 - 33:24

He knew that he and
the entire operation,
33:24 - 33:25

they were just dead meat.
33:25 - 33:28

He started talking immediately.
33:28 - 33:31

After Albert discovered that
Patrick was cooperating,
33:31 - 33:34

Albert himself became
very cooperative
33:34 - 33:37

and he led them to a lot of
information, including he
33:37 - 33:39

told them where the
money was buried
33:39 - 33:41

in his parents' backyard.
33:41 - 33:44

NARRATOR: Investigators returned
to Albert's childhood home,
33:44 - 33:46

where they searched the yard.
33:46 - 33:50

They find a barrel buried
beneath a palm tree.
33:50 - 33:52

PETER GANNON: Once the
earth was unsealed,
33:52 - 33:56

inside was over $1 million
of vacuum packed cash.
33:56 - 34:01

NARRATOR: Gonzalez has stashed
$1.1 million in plastic bags
34:01 - 34:02

for safe keeping.
34:02 - 34:06

Soon, the Feds unearth more
secrets about the case.
34:06 - 34:09

KIMBERLY KIEFER PERETTI: When we
executed those search warrants,
34:09 - 34:12

one of the individuals
spoke and said
34:12 - 34:16

that Albert Gonzalez
used the nickname segvec,
34:16 - 34:19

and that was the evidence
we were looking for
34:19 - 34:22

to get us over the edge
and be able to indict him.
34:22 - 34:25

NARRATOR: Segvec,
the handle Gonzalez
34:25 - 34:27

used during chats
with Yastremskiy
34:27 - 34:29

about Dave and Busters,
clinches it for the Feds.
34:29 - 34:31

KIMBERLY KIEFER PERETTI:
Finally, really, we're
34:31 - 34:33

starting to unravel and
understand all these data
34:33 - 34:36

breaches we had seen
happen over the years.
34:36 - 34:37

It was really exciting.
34:37 - 34:39

It was shocking.
34:39 - 34:41

NARRATOR: A few weeks later,
the criminal complaint
34:41 - 34:44

against Gonzalez
is posted online,
34:44 - 34:46

and it rocks the
hacking underworld.
34:46 - 34:48

SABRINA RUBIN ERDELY: This
is a very close community
34:48 - 34:49

of hackers.
34:49 - 34:50

These are people,
you have to remember,
34:50 - 34:54

who are very alienated
from the rest of society.
34:54 - 34:56

They feel that all they
have is each other.
34:56 - 34:59

NARRATOR: 24-year-old
Jonathan James, Gonzalez'
34:59 - 35:02

former war driver,
is shocked to learn
35:02 - 35:04

that his boss has been
working for the Secret Service
35:04 - 35:05

since 2003.
35:05 - 35:08

CHRIS ROBERTS: There's just been
this nice set of cliquey groups
35:08 - 35:09

and you can trust everybody.
35:09 - 35:12

And now you're like, well,
whose side are you on?
35:12 - 35:16

NARRATOR: James, who had become
famous for hacking as a teen,
35:16 - 35:19

believes his friends
will rat him out.
35:19 - 35:22

Coming up, James taking
matters into his own hands
35:22 - 35:27

and Operation Get Rich or Die
Trying takes a deadly turn.
35:27 - 35:28

SABRINA RUBIN ERDELY:
He did not want
35:28 - 35:31

to have that kind of
heat on him again.
35:31 - 35:33

And the idea that they were
now turning on each other, that
35:33 - 35:35

was intolerable to him.
35:35 - 35:38

[MUSIC PLAYING]
35:38 - 35:45
35:45 - 35:48

NARRATOR: In May 2008,
with Albert Gonzalez
35:48 - 35:51

and his Hack Pack
behind bars, the Feds
35:51 - 35:53

work to shore up their case.
35:53 - 35:56

But Jonathan James, one
of Gonzalez' war drivers,
35:56 - 35:59

is still free, and he
jumps to the conclusion
35:59 - 36:02

that Gonzalez is
going to set him up.
36:02 - 36:04

SABRINA RUBIN ERDELY:
He said that he was sure
36:04 - 36:08

that he was going to be the
scapegoat for this crime given
36:08 - 36:14

his notoriety and also given
that he knew that Albert was
36:14 - 36:16

a government cooperator,
and he was sure
36:16 - 36:18

that Albert was going
to pin the crime on him.
36:18 - 36:21

NARRATOR: James pens a
letter titled "Story Time."
36:21 - 36:24

In it, he says he had
nothing to do with the hack.
36:24 - 36:25

SABRINA RUBIN ERDELY: He
couldn't bear the idea
36:25 - 36:27

that they were all
betraying each other.
36:27 - 36:31

Once these hackers turn on each
other, they had nobody left.
36:31 - 36:33

NARRATOR: Remember, it's
not whether you win or lose,
36:33 - 36:36

it's whether I win or
lose, and sitting in jail
36:36 - 36:40

for 20, 10, or even 5 years
for a crime I didn't commit
36:40 - 36:42

is not me winning.
36:42 - 36:45

I die free.
36:45 - 36:48

Minutes later, he
picks up a handgun,
36:48 - 36:52

points it to his temple,
and pulls the trigger.
36:52 - 36:54

SABRINA RUBIN ERDELY: If
he, in fact, played a part
36:54 - 36:57

in this crime, he played
a very small part,
36:57 - 37:00

and it's not clear whether
he would have been indicted
37:00 - 37:03

had he not killed himself.
37:03 - 37:05

NARRATOR: The Feds
filed more indictments
37:05 - 37:09

against Gonzalez and
his crew in August 2008.
37:09 - 37:12

And for the first time,
the scope of the crime
37:12 - 37:12

becomes clear.
37:12 - 37:14

KIMBERLY KIEFER
PERETTI: We had to keep
37:14 - 37:16

replacing our press
releases of this
37:16 - 37:19

is the most significant,
largest data breach we've had.
37:19 - 37:22

It just kept
building upon itself.
37:22 - 37:25

500,000 numbers, then
a million numbers.
37:25 - 37:27

NARRATOR: The
first indictment is
37:27 - 37:30

filed in New York for the
Dave and Buster's breach,
37:30 - 37:34

the second in Massachusetts
for the hacks into TJX
37:34 - 37:38

Companies, BJ's Wholesale
Club, OfficeMax,
37:38 - 37:40

and several other businesses.
37:40 - 37:43

But despite being
in jail, Gonzalez
37:43 - 37:46

is still wreaking
havoc on the outside.
37:46 - 37:49

In October 2008,
credit card companies
37:49 - 37:53

warn Heartland Payment Systems
of suspicious activity.
37:53 - 37:55

BOB CARR: We hired
forensics companies
37:55 - 37:57

to help try to find it.
37:57 - 38:00

We got reports that there
were no problems found,
38:00 - 38:01

so we thought we
were in the clear.
38:01 - 38:03

When forensics
companies tell you
38:03 - 38:07

that they can't find anything
and they do this for a living,
38:07 - 38:11

you get some sense of comfort
that there's not a problem.
38:11 - 38:15

NARRATOR: Three months go
by, and in January 2009,
38:15 - 38:18

Heartland chiefs get the
call they've been dreading.
38:18 - 38:22

BOB CARR: Someone had found
data in our system that
38:22 - 38:23

could not be explained.
38:23 - 38:25

Data that we did not create.
38:25 - 38:29

In the next couple of days, we
learned that there was malware
38:29 - 38:31

that was creating this
data, and that turned out
38:31 - 38:33

to be the card numbers.
38:33 - 38:36

They were put into files
that were compressed.
38:36 - 38:40

I knew it would be disastrous
for a lot of the stockholders
38:40 - 38:42

of the company, including me.
38:42 - 38:45

NARRATOR: Heartland goes public
with news of the breach days
38:45 - 38:46

later.
38:46 - 38:48

NEWS ANCHOR: Another
big story at 6.
38:48 - 38:51

A credit card processing
company gets hacked into.
38:51 - 38:55

NARRATOR: The company's stock
plummets from about $16 a share
38:55 - 38:59

to less than $4, but the
loss is really much greater.
38:59 - 39:03

We've reported losses
of $139 million
39:03 - 39:06

that we've paid out or
booked that we will pay out.
39:06 - 39:10

So we suffered a net
$110 million dollar loss
39:10 - 39:12

and we still don't
know if we're finished.
39:12 - 39:15

We probably are not, but
we think the bulk of it
39:15 - 39:16

is behind us.
39:16 - 39:18

NEWS ANCHOR: In Focus
this evening, security
39:18 - 39:19

in cyberspace.
39:19 - 39:22

RICHARD WANG: A lot of people
will look at Heartland,
39:22 - 39:25

and they don't want to be
the next headline on CNBC,
39:25 - 39:29

so they're going to be
quite careful to improve
39:29 - 39:32

the standards and make sure that
they're defending themselves.
39:32 - 39:35

NARRATOR: In August 2009,
Gonzalez, Patrick Tooey,
39:35 - 39:37

and two unnamed
Russian hackers are
39:37 - 39:40

indicted in New
Jersey for conspiring
39:40 - 39:43

to break into Heartland and
several other companies.
39:43 - 39:45

SETH KOSTO: Software has sort
of a digital fingerprint,
39:45 - 39:47

a kind of digital DNA.
39:47 - 39:48

And in the process
of investigating it,
39:48 - 39:51

if it has that same DNA,
there's a link between those two
39:51 - 39:52

victims sites.
39:52 - 39:56

And what we ended up with
was enough similarities
39:56 - 39:58

between the five victim
sites to know that we were
39:58 - 40:00

working with one hacking crew.
40:00 - 40:01

NARRATOR: But much
about the case
40:01 - 40:04

remains a mystery, like
how many credit card
40:04 - 40:05

numbers were stolen.
40:05 - 40:07

STEPHEN HEYMANN: There
were tens of millions
40:07 - 40:13

more at TJX and in excess
of 100 million at Heartland
40:13 - 40:17

that could have been taken, but
nobody knows the exact number.
40:17 - 40:19

NARRATOR: And how
much money Gonzalez
40:19 - 40:21

and his crew ultimately
earned from their hacks.
40:21 - 40:23

KIMBERLY KIEFER PERETTI:
They're young kids.
40:23 - 40:25

They spent a lot of money.
40:25 - 40:27

They spent a lot of money
on partying, a lot of money
40:27 - 40:29

on drugs.
40:29 - 40:31

Fun nights out spending $80,000.
40:31 - 40:35

So it's hard for us to
know if they didn't just
40:35 - 40:37

spend most of it too.
40:37 - 40:41

NARRATOR: Prosecutors do know
that victims lose at least $400
40:41 - 40:46

million, and restitution
is set at $172 million.
40:46 - 40:50

STEPHEN HEYMANN: Gonzalez, with
his team, committed the largest
40:50 - 40:54

identity theft ever
prosecuted in the United
40:54 - 40:56

States, and perhaps the world.
40:56 - 40:59

The dollar loss was
so large that it
40:59 - 41:02

changed the behavior
of corporations
41:02 - 41:05

as they realized that
they had to increase
41:05 - 41:08

the level of security because
there was a large dollar
41:08 - 41:09

risk involved.
41:09 - 41:13

So it was changing
to the whole culture
41:13 - 41:15

in the size of what he did.
41:15 - 41:19

NARRATOR: Patrick Tooey,
Stephen Watt, Chris Scott,
41:19 - 41:25

a Maksym Yastremskiy all serve
multi-year sentences in prison.
41:25 - 41:27

And as for Gonzalez--
41:27 - 41:29

STEPHEN HEYMANN: He agreed to
plead guilty to all of them,
41:29 - 41:32

and ultimately received
a 20 year sentence
41:32 - 41:36

to run on each of them at
the same time, restitution
41:36 - 41:42

well in excess of $100 million,
and forfeiture of jewelry,
41:42 - 41:45

computers, and over
$1 million in cash
41:45 - 41:48

that had been dug up in
his parent's backyard.
41:48 - 41:50

NARRATOR: At sentencing,
Gonzalez' attorney
41:50 - 41:53

argues these were
not crimes of greed,
41:53 - 41:57

rather that Gonzalez suffers
from Asperger's syndrome,
41:57 - 41:59

a mild form of autism,
which could explain
41:59 - 42:01

his addiction to computers.
42:01 - 42:03

SABRINA RUBIN ERDELY:
People with Asperger's are
42:03 - 42:06

unable to relate
to other people,
42:06 - 42:10

whereas Albert was
a natural leader.
42:10 - 42:14

He, by definition, could
relate to other people,
42:14 - 42:18

size them up, negotiate with
them, squeeze work product out
42:18 - 42:18

of them.
42:18 - 42:22

He was the exact opposite
of somebody with Asperger's.
42:22 - 42:24

NARRATOR: Court appointed
psychologists find
42:24 - 42:26

no evidence of the disorder.
42:26 - 42:28

STEPHEN HEYMANN: These
guys spent a lot of time
42:28 - 42:33

on their computers, but
so does about 1/2 to 2/3
42:33 - 42:36

of all the students
at nearby MIT.
42:36 - 42:38

So the fact that you
spend a lot of time
42:38 - 42:40

on your computer as a
kid, that you communicate
42:40 - 42:45

with others on your computers,
does not justify crime.
42:45 - 42:46

NARRATOR: In the
end, what begins
42:46 - 42:49

as teenagers hacking
for fun, soon
42:49 - 42:51

becomes the
costliest cyber crime
42:51 - 42:56

in history, an operation
that lives up to its name.
42:56 - 42:59

SABRINA RUBIN ERDELY: When
Albert called this caper
42:59 - 43:01

Operation Get Rich
or Die Trying,
43:01 - 43:03

I'm sure he didn't actually
intend for anyone to die.
43:03 - 43:06

[MUSIC PLAYING]
43:06 - 43:21

Title:: American Greed S05E40 Hackers Operation Get Rich or Die Tryin' HuluRIP ~IPASuperior
Video Language:: English
Duration:: 43:21

textconversionlab edited English subtitles for American Greed S05E40 Hackers Operation Get Rich or Die Tryin' HuluRIP ~IPASuperior

English subtitles

Revisions

Revision 1 Uploaded

textconversionlab

American Greed S05E40 Hackers Operation Get Rich or Die Tryin' HuluRIP ~IPASuperior

Revisions

Our website uses cookies

Operating cookies (Required)