Two individuals with backgrounds in cybersecurity have admitted to orchestrating a series of ransomware attacks in 2023, as revealed by the Department of Justice. Ryan Goldberg, aged 40, and Kevin Martin, aged 36, confessed to extorting $1.2 million in Bitcoin from a medical device company and targeting multiple other organizations.
The pair, along with an unnamed accomplice, were formally charged for their involvement in the attacks last October. Their strategy involved employing ALPHV / BlackCat ransomware to encrypt and exfiltrate data from victims. Martin and the third collaborator were employed as ransomware negotiators at Digital Mint, while Goldberg held the position of incident response manager at Sygnia Cybersecurity Services.
ALPHV / BlackCat operates as a ransomware-as-a-service entity, with the developers profiting from a percentage of the extorted funds. Notably, the FBI developed a decryption tool in 2023 to aid victims of ALPHV / BlackCat, a group known for targeting prominent companies like Bandai Namco, MGM Resorts, Reddit, and UnitedHealth Group.
According to the DOJ’s indictment, Goldberg, Martin, and their collaborator sought to extort substantial sums from various US-based victims, including a pharmaceutical firm, a medical practice, an engineering company, and a drone manufacturer.
Assistant Attorney General A. Tysen Duva from the DOJ’s Criminal Division condemned the actions of the defendants, stating, “These defendants utilized their advanced cybersecurity expertise to perpetrate ransomware attacks — a crime they should have been preventing. The Department of Justice remains steadfast in its pursuit of ransomware perpetrators, utilizing all available resources to bring them to justice.”
Both Goldberg and Martin pleaded guilty to a single count of “conspiracy to obstruct, delay, or affect commerce through extortion.” Their sentencing is set for March 12th, 2026, with a potential maximum sentence of 20 years in prison.
