U.S. Secret Service Agent Matt O’Neill was growing nervous. For three months, he’d been surreptitiously monitoring hackers’ communications and watching as they siphoned thousands of credit card numbers from scores of U.S. retailers.

Most every day O’Neill was alerting a credit card company or retailer to an online heist. The result was predictable: the companies canceled hijacked credit and debit cards and the aggravated hackers’ customers began complaining that the stolen card numbers weren’t working as promised.

It was only a matter of time before the cyber thieves realized they were being watched.

“We were hoping they wouldn’t figure it out until we could catch them,” O’Neill said.

The Secret Service and FBI are investigating an increasing number of attacks on U.S. retailers’ data, including the massive breach of Target Corp. last year that affected more than 40 million debit and credit card accounts. Investigators won’t talk about the Target probe. Instead, the Secret Service pointed to O’Neill’s investigation that began in 2010 as an example of how they go about solving such crimes.

The chase for the hackers took three years. It uncovered what federal prosecutors described in court records as a “massive, international computer hacking and credit card data theft scheme.”

800 Stores

The conspirators hit more than 800 U.S. stores from 2009 to 2011, stealing data from in excess of 150,000 credit card accounts and inflicting losses to financial institutions conservatively tallied at $12.5 million, according to interviews with the agent, his supervisors and U.S. Justice Department prosecutors, as well as a review of court filings.

O’Neill’s green eyes and sly grin mask an intensity for the hunt that relied on a mix of high-tech sleuthing and traditional police work, with some creativity sprinkled in: the agent even went undercover online as an “attractive, independently wealthy waitress.”

“These hackers are sophisticated,” said U.S. Secret Service Agent Ed Lowery, who is in charge of the agency’s criminal division. “The type of individual we are talking about -- the highest-level cyber criminal -- they don’t leave bread crumbs.”