Skip to content
Tech News
← Back to articles

US ransomware negotiators get 4 years in prison over BlackCat attacks

2026-05-01 | original
read original get Cybersecurity Incident Response Kit → more articles
Why This Matters

The sentencing of two former cybersecurity professionals for BlackCat ransomware attacks highlights the ongoing threat of insider-led cybercrime in the industry. This case underscores the importance of robust security measures and ethical standards to protect businesses and consumers from malicious actors leveraging insider knowledge. It also signals increased legal accountability for cybercriminal activities, emphasizing the need for vigilance across the tech sector.

Key Takeaways

Two former employees of cybersecurity incident response companies Sygnia and DigitalMint were sentenced to four years in prison each for targeting U.S. companies in BlackCat (ALPHV) ransomware attacks.

40-year-old Ryan Clifford Goldberg (a former Sygnia incident response manager) and 36-year-old Kevin Tyler Martin (a DigitalMint ransomware negotiator) were charged in November and pleaded guilty in December to conspiracy to obstruct commerce by extortion.

Together with 41-year-old Angelo Martino, a third accomplice who also pleaded guilty in April, the two acted as BlackCat ransomware affiliates between May 2023 and November 2023, breaching the networks of multiple victims across the United States.

According to court documents, they paid a 20% share of ransoms in exchange for access to BlackCat's ransomware and extortion platform.

The list of victims includes a Maryland pharmaceutical company, a Tampa medical device manufacturer, a California engineering firm, a Virginia drone manufacturer, and a California doctor's office.

Prosecutors said the Tampa medical device company paid $1.27 million after its servers were encrypted and it received a $10 million ransom demand in May 2023, with the payment laundered and split three ways with Martino.

While other companies whose networks were breached by Goldberg and Martin also received ransom demands ranging from $300,000 to $10 million, the indictment does not indicate whether they received any additional payments.

"These defendants exploited specialized cybersecurity knowledge not to protect victims, but to extort them," said U.S. Attorney Jason A. Reding Quiñones on Thursday. "They used ransomware to lock down critical systems, steal sensitive data, and pressure American businesses into paying to regain access to their own information."

"We strongly condemn these former employees' criminal behavior, which violated our values, ethical standards, and the law. When we learned about the conduct, we immediately terminated both individuals," DigitalMint CEO Jonathan Solomon also told BleepingComputer earlier this month after Martino pleaded guilty.

The FBI previously linked the BlackCat ransomware gang to more than 60 breaches between November 2021 and March 2022.

... continue reading

Explore topics: blackcat ransomware sygnia digitalmint alphv
Related:
Vect 2.0 Ransomware Acts as Wiper, Thanks to Design Error
New ransomware is so badly coded it destroys your files instead of holding them hostage
Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden
Feuding Ransomware Groups Leak Each Other's Data
Money launderer linked to $230M crypto heist gets 70 months in prison

© 2026 GoKawiil

About | Editorial Policy | Contact