Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks

In a case that has shocked the cybersecurity community, two former cybersecurity professionals have been sentenced to four years in federal prison after helping the notorious ALPHV/BlackCat ransomware group carry out cyber extortion attacks.
Ryan Goldberg, an incident response manager at Sygnia, and Kevin Martin, a ransomware negotiator at DigitalMint, used their industry knowledge to assist cybercriminals rather than protect organizations from attacks. According to U.S. authorities, the pair worked as affiliates for the BlackCat ransomware operation, helping identify victims, deploy ransomware, and negotiate ransom payments. Between April and December 2023, the attackers reportedly collected around $1.2 million in Bitcoin from a single victim. Investigators found that 20% of the ransom payments were passed on to BlackCat’s operators as part of the ransomware-as-a-service model.
The investigation also revealed the involvement of a third individual, Angelo Martino, who allegedly shared confidential cyber insurance information with the attackers. Prosecutors say this allowed the ransomware group to increase its ransom demands based on how much coverage a victim had. Martino has pleaded guilty and is scheduled to be sentenced in July 2026.
Federal prosecutors described the case as a serious breach of trust, noting that the defendants used their cybersecurity expertise to support criminal activity instead of defending organizations from cyber threats.
The case serves as a reminder that insider threats remain one of the biggest challenges in cybersecurity. While organizations invest heavily in technology and security tools, trusted individuals with privileged access can still pose significant risks when they misuse their knowledge and authority.