BOSTON – Boston federal judge Douglas Woodlock sentenced master hacker Albert Gonzalez on March 26 to 20 years and one day for a case involving hacking attacks against five companies. The sentence came a day after he was sentenced to two concurrent sentences of 20 years by another judge for two other cases involving hacking attacks; the most recent sentence will run concurrently with the other two.

The case for which he was sentenced on March 26 was transferred to the District of Massachusetts from the District of New Jersey; it involved hacking attacks on 7-Eleven Inc., the Hannaford Bros. Co. supermarket chain, credit and debit card processor Heartland Payment Systems Inc. and two retail companies.

Gonzalez pleaded guilty on Dec. 29, 2009, to two counts of conspiracy to gain unauthorized access to the payment card networks.

Woodlock imposed the 20-year sentence for the charges, plus one day because Gonzalez committed the crime while on pretrial release. Woodlock also said he would recommend to the Bureau of Prison that Gonzalez get credit for the time he’s already served, which is 22 months, according to his lawyer, Boston solo practitioner Martin Weinberg. In addition, Woodlock imposed three years of supervised release without any access to computers and a $25,000 fine.

“It’s sophisticated theft, not different than picking someone’s pocket. Mr. Gonzalez has extraordinary gifts and with those extraordinary gifts he decided to take and he took a lot,” Woodlock said. “This is the kind of crime we’re more and more exposed to with technology. [It] requires a severe sentence that emphasizes respect for the law.”

The sentence imposed by Woodlock will run concurrently with two concurrent sentences imposed by Judge Patti Saris of the District of Massachusetts on March 25. She gave Gonzalez 20 years in prison for two computer hacking cases involving major U.S retail companies and a New York restaurant chain.

Saris also sentenced Gonzalez to three years of supervised release without any access to computers and a total $25,000 fine.

In one of the cases, involving the hacking of retail company networks, Gonzalez was charged with damage to computer systems, wire fraud, access device fraud, aggravated identity theft and conspiracy. The case, which originated in the District of Massachusetts targeted a wide range of national retailers, including Barnes & Noble Inc., BJ’s Wholesale Club Inc., Boston Market Corp., DSW Inc., OfficeMax Inc., The Sports Authority Inc. and discount retailer The TJX Cos. Inc., which owns T.J.Maxx and other stores. On Sept. 11, 2009, Gonzalez pleaded guilty to 20 counts of conspiracy, computer fraud, wire fraud, access device fraud and aggravated identity theft.

In the other of the two cases, Gonzalez was sentenced for conspiracy to commit mail fraud for an Eastern District of New York case that was transferred to the Massachusetts federal court last September. In that case, Gonzalez and two co-conspirators gained unauthorized access to computer servers with customers’ credit and debit card data at 11 Dave & Buster’s Inc. restaurants.

Sheri Qualters can be contacted at