A US hacker who conspired with two Russian cyber criminals in a bid to steal 130 million credit card details could face up to 25 years in prison.

Albert Gonzalez and his Russian counterparts, who remain unnamed, used an SQL injection attack to get through firewalls protecting the payment systems of a number of US retailers, including 7-Eleven.

It is thought they planned to intercept credit card details of the retailer's customers and then sell them on.

If found guilty, Gonzalez - who has previously helped the US Secret Service trace hackers and is already facing another hacking charge - could be slapped with 25 years in prison and a maximum fine of $500,000 (£300,000).

PC security advice

See also: Spammers using MSN for ID theft