DOJ sentenced two former cybersecurity professionals to four years each in federal prison Thursday for ransomware attacks they ran against U.S. companies in 2023, in a prosecution out of the Southern District of Florida.

Ryan Clifford Goldberg, a former incident response manager at Sygnia, and Kevin Tyler Martin, a former ransomware negotiator at DigitalMint, had pleaded guilty to one of three charges brought against them in December, each originally facing up to 20 years. With co-conspirator Angelo John Martino III, they used ALPHV ransomware (also known as BlackCat) to hit five organizations across a six-month stretch: a Florida medical company, a Maryland pharmaceutical firm, a California doctor’s office, a California engineering company, and a Virginia drone manufacturer. They extorted $1.3 million from the medical company in May 2023 and leaked patient data from the doctor’s office.

Goldberg’s flight from justice is a case study in bad judgment. Ten days after his FBI interview in June, he boarded a one-way flight to Paris with his wife. The FBI tracked him through 10 countries. He was arrested on Sept. 22 in Mexico City after flying in from Amsterdam, then deported to the United States. He spent the rest of the pretrial period in custody as a flight risk. Martin didn’t make the same mistake: he was arrested without incident in October and freed on bond.

Co-conspirator Martino’s exposure is far larger. His broader scheme helped accomplices extort a combined $75.3 million in ransom payments. Five of his victims hired DigitalMint to negotiate ransoms and were assigned Martino, who then allegedly fed their insurance policy limits and internal negotiating positions back to BlackCat affiliates. He pleaded guilty earlier this month and faces up to 20 years. Sentencing is scheduled for July 9.

James Okafor