A computer hacker who was once a federal informant and was a driving force behind one of the largest cases of identity theft in US history pleaded guilty in a deal with prosecutors that will send him to prison for up to 25 years.

Albert Gonzalez, 28, of Miami, admitted pulling off some of the most prominent hacking jobs of the decade - invading the computer systems of such retailers as TJX Cos., BJ's Wholesale Club, OfficeMax, Boston Market, Barnes & Noble and Sports Authority.

Download the new Independent Premium app Sharing the full story, not just the headlines

Federal authorities say tens of millions of credit and debit card numbers were stolen.

Gonzalez entered guilty pleas in US District Court in Boston to 19 counts of conspiracy, computer fraud, wire fraud, access device fraud and aggravated identity theft.

He also pleaded guilty to a New York indictment charging one count of conspiracy to commit wire fraud for hacks into the Dave & Buster's restaurant chain.

Under his plea agreements, Gonzalez faces 15 to 25 years in prison in the Massachusetts case and up to 20 years in the New York case. The sentences would run concurrently.

Albert Gonzalez, 28, of Miami, admitted pulling off some of the most prominent hacking jobs of the decade - invading the computer systems of such retailers as TJX Cos., BJ's Wholesale Club, OfficeMax, Boston Market, Barnes & Noble and Sports Authority.

Federal authorities say tens of millions of credit and debit card numbers were stolen.

Gonzalez entered guilty pleas in US District Court in Boston to 19 counts of conspiracy, computer fraud, wire fraud, access device fraud and aggravated identity theft.

He also pleaded guilty to a New York indictment charging one count of conspiracy to commit wire fraud for hacks into the Dave & Buster's restaurant chain.

Under his plea agreements, Gonzalez faces 15 to 25 years in prison in the Massachusetts case and up to 20 years in the New York case. The sentences would run concurrently.

If he had been convicted of all the charges and sentenced to the maximum, he could have received a sentence of several hundred years.

Sentencing is scheduled for Dec. 8.

Authorities said Gonzalez was the ringleader of a group that targeted large retailers.

Gonzalez's Miami attorney, Rene Palomino Jr., said Gonzalez is "extremely remorseful."

"He just feels really bad, mainly because of the damage he's caused, but also because of what his family has had to endure," Palomino said. "He just wants to go ahead and do the right thing and take responsibility for his actions. One day, he will go and lead a productive life like any other citizen."

Michael Loucks, acting US Attorney for Massachusetts, said the investigation and prosecution of identity theft is a top priority of the Justice Department.

"In the past 10 years, there has been a dramatic growth in the transfer and storage of credit and debit card data on computer networks, Loucks said in a statement. "It is ... important that we work hard to investigate and prosecute the theft of personal identity data that citizens entrust to computer networks every day."

Gonzalez, who was known online as "soupnazi," was a self-taught computer genius, Palomino said. In 2003, Gonzalez was arrested for hacking but was not charged because he became an informant, helping the Secret Service find other hackers. But authorities said he continued to use his talents for illegal activities.

Over the next five years, he hacked into the computer systems of Fortune 500 companies even while providing assistance to the government.

He lived a lavish lifestyle during that time. Authorities said he amassed $2.8 million, bought a Miami condo and a BMW. Under the plea deals, Gonzalez must forfeit more than $2.7 million, as well as his condo, car, a Tiffany ring he gave to his girlfriend and Rolex watches he gave to his father and friends.

Federal authorities arrested Gonzalez in May 2008 while he stayed with his girlfriend at the luxurious National Hotel on Miami Beach.

The New York and Massachusetts indictments said Gonzalez and two foreign co-defendants used hacking techniques that involved "wardriving," or cruising through different areas with a laptop computer and looking for retailers' accessible wireless internet signals.

Once they located a vulnerable network, they installed "sniffer programs" that captured credit and debit card numbers as they moved through a retailer's processing computers - then tried to sell the data overseas.

Gonzalez was in the process of negotiating a plea agreement on those charges in August 2008 when federal prosecutors in New Jersey brought new charges against him for allegedly targeting customers of convenience store giant 7-Eleven and supermarket chain Hannaford Brothers. Those charges are still pending.