This is a sad story: some smart guy in California obviously used his power for evil and figured out how to hack into Paypal via malware, getting usernames and passwords, using the info (together with his friends) to buy lots of stuff.
Game over.
Now, John Schiefer's in the federal system, which is a much bigger (read that harsher) deal than the state system. He's already confessed, he's going to be arraigned soon, and his case is the first of its kind (read: setting a precedent). And, he is facing a 60 year prison sentence and a $1.25 million fine.
Criminals in federal court must deal with the Federal Sentencing Guidelines. These guidelines more or less tell the judge what the prison term has got to be for a specific crime, and they exist to try and insure fairness in sentencing. You don't want someone in Oregon to get an extremely different federal sentence than someone in Florida for the same crime, for example.
However, other than rearranging the dice on what the charges are, there is not much room to move in any plea bargaining situation. You know plea bargaining, you watch TV.
So, John has made a plea deal on the charges of four counts of fraud and wiretap charges. Factually, he admitted that he and his unidentified co-conspirators infected 250,000 computers through their "botnet underground."
He's got a teensy, little hope. Until 2005, these guidelines were mandatory. Then the US Supreme Court decided that this violated the defendants' right to trial by jury, and they became discretionary. Now, the High Court explained, judges should look to the guidelines, but they can move away from them if they think it best. However, the judge must give his written explanation for doing so, and this open door to an appellate review leaves many judges just following the safety of sentencing based upon the guidelines.
So, expect John to face a judge who's going to follow those guidelines in this precedent-setting case with lots of media attention. Why wouldn't he?