Evan Schuman's StorefrontBacktalk

Albert Gonzalez, who has been accused of managing the data breaches at TJX, Hannaford, 7-Eleven and Heartland (among many others), has once again agreed to plead guilty to parts of two of the three federal cases against him, his attorney, Rene Palomino, said Thursday (Aug. 27). Two other major retail names have also been added to the list of retail victims: J.C. Penney and Target, as the list of unidentified retailers shrinks.

Look for Gonzalez to officially plead guilty to the federal charges from Boston, primarily involving TJX, BJ’s Wholesale Club, Boston Market and Sports Authority and New York, primarily involving Dave & Buster’s, on Sept. 11.

This is at least the second time that Gonzalez has danced this particular dance, as he was all set to plead guilty to those Boston and New York charges—or at least a substantial subset of them—but that deal was killed when, according to Palomino, the U.S. Attorney’s Office in Newark accelerated their indictment. Palomino said this new deal does not include any of the Newark charges, but that “Newark has the opportunity to come into it eventually, if they like.”

Target was one of—if not the only—unidentified major retailer in the Boston case, stemming from a series of Florida wireless drive-bys involving Gonzalez, Palomino said. J.C. Penney was one of the unidentified retail victims in the Newark indictment.

Target and J.C. Penney have plenty of company in this mass of federal cyber thief charges. Beyond TJX, BJ’s, Boston Market, Sports Authority, Dave & Buster’s, TJX, Hannaford, 7-Eleven and Heartland, their fellow hacking victims include Office Max, Barnes & Noble, Sports Authority, Forever 21 and DSW.