The government was asking a federal judge for more time to investigate before a sentencing hearing, said the memo from Assistant U.S. Attorneys Stephen P. Heymann and Donald L. Cabell. "The government has been given no prior notice of either of these assertions, the defendant's intended reliance on expert testimony to support them or that the defendant was undergoing a psychological forensic examination."
Gonzalez has agreed to plead guilty to masterminding a cyberthief ring that stole data from TJX, BJ’s Wholesale Club, Boston Market and Sports Authority, among other major chains.
A defense sentencing memo was also filed, where defense counsel Martin G. Weinberg argued that Gonzalez should receive a more lenient sentence than the government is seeking. In that memo, Gonzalez's attorney wrote that Gonzalez told government lawyers that his team had "breached at least four card processing companies," according to a story about the sentencing memo in Wired.
If Gonzalez and/or his associates had indeed breached at least four card processors, that goes well beyond the number the government has accused him of. It would also explain quite a few groups of reissued cards that didn't seem to connect to any publicly reported breach.
In addition, the sentencing memo confirmed that his team had a means to deencrypt stolen payment card information and that Gonzalez told the feds about data breaches that had not yet been detected.