The United States Department of Justice (DoJ) has recently announced the sentencing of two individuals, Ryan Goldberg and Kevin Martin, to four years in prison each for their involvement in the BlackCat ransomware attacks that took place in 2023.
Goldberg, aged 40 and hailing from Georgia, and Martin, aged 36 from Texas, were found guilty of deploying the ransomware against multiple victims across the country between April and December 2023. The two defendants, who pleaded guilty in December 2025, collaborated with Angelo Martino, 41, from Florida, to carry out these attacks.
The trio agreed to give the ALPHV BlackCat administrators a 20% share of any ransom payments they received in return for access to the ransomware and the ALPHV/BlackCat extortion platform, according to the DoJ.
It is worth noting that all three individuals had backgrounds in the cybersecurity industry, which gave them the expertise to secure computer systems against various threats, including the very same threats they were inflicting on their victims in this case.
One incident involved extorting approximately $1.2 million in Bitcoin from a victim, with the defendants splitting their share three ways and then laundering the funds to conceal their activities.
Although the BlackCat ransomware scheme is no longer operational, it is estimated that the group targeted over 1,000 victims worldwide.
These developments follow Martino’s recent guilty plea, with his sentencing scheduled for July 2026. Additionally, Martino is accused of leveraging his position as a negotiator to obtain higher payouts from victims by divulging confidential information about their insurance coverage to the BlackCat operators.
Martino and Martin were employed at DigitalMint, while Goldberg worked as an incident response manager at cybersecurity firm Sygnia.
U.S. Attorney Jason A. Reding Quiñones for the Southern District of Florida expressed disappointment in the defendants’ actions, stating that they misused their cybersecurity expertise to extort businesses, lock down critical systems, steal sensitive data, and coerce American companies into paying to regain access to their information.
