The U.S. Department of Justice (DoJ) announced on Thursday the sentencing of **Ryan Goldberg**, 40, of Georgia, and **Kevin Martin**, 36, of Texas, to four years in prison each for their roles in facilitating **BlackCat** ransomware attacks throughout 2023. Both Goldberg and Martin pleaded guilty in December 2025 to deploying the ransomware against multiple victims across the U.S. They conspired with **Angelo Martino**, 41, of Florida, in these attacks. According to the DoJ, "The three men agreed to pay the **ALPHV BlackCat** administrators a 20% share of any ransoms received in exchange for access to the ransomware and **ALPHV/BlackCat**'s extortion platform." What makes this case particularly concerning is that "All three men worked in the cybersecurity industry – meaning that they had special skills and experience in securing computer systems against harm, including the type of harm they themselves were committing against the victims in this case." In one instance, the defendants successfully extorted approximately $1.2 million in Bitcoin from a victim. They split their 80% share three ways and then laundered the funds to obscure the transactions. While the **BlackCat** ransomware-as-a-service (RaaS) operation is now defunct, it is estimated to have targeted over 1,000 victim computer networks globally. This sentencing follows a week after **Martino pleaded guilty** to the same crime and is slated to be sentenced in July 2026. **Martino** also allegedly abused his position as a negotiator to inflate ransom demands by sharing confidential insurance policy information of victims with the **BlackCat** operators. **Martino** and **Martin** were employed by **DigitalMint**, while **Goldberg** held a position as an incident response manager at the cybersecurity firm **Sygnia**. U.S. Attorney Jason A. Reding Quiñones for the Southern District of Florida stated, "These defendants exploited specialized cybersecurity knowledge not to protect victims, but to extort them. They used ransomware to lock down critical systems, steal sensitive data, and pressure American businesses into paying to regain access to their own information."