(Image credit: Shutterstock)

---

• Two ex-cybersecurity professionals pleaded guilty to ALPHV ransomware extortion attempts
• They extorted $1.2M from a medical device firm; other attempts failed
• Facing federal charges with possible 20-year prison sentences; sentencing set for March 12, 2026

---

The two cybersecurity experts that were accused of affiliating with ransomware operators have pleaded guilty to at least one successful extortion attempt, as well as a few unsuccessful ones.

In early November this year, news broke of three cybersecurity professionals being suspected of working as affiliates for the dreaded ALPHV (BlackCat) ransomware gang, deploying encryptors against multiple US organizations.

Back then, a US federal indictment filed in the Southern District of Florida claimed two defendants - Ryan Clifford Goldberg of Georgia, and Kevin Tyler Martin of Texas, together with a third co-conspirator, hacked into company networks, stole data, encrypted it with ALPHV ransomware, and demanded cryptocurrency ransoms.

The indictment did not describe the two as cybersecurity professionals. However, local media said Martin worked at DigitalMint as a ransomware threat negotiator, while Goldberg was a former Sygnia incident response manager.

Both of them are no longer working with these companies.

Sentencing in March

Now, it seems the duo admitted hacking a medical device company back in 2023, and later extorting it for $1.2 million.

They also allegedly admitted to trying to extort a Maryland-based pharmaceutical company, a California doctor’s office for $5 million, a California engineering firm for $1 million, and a Virginia drone manufacturer for $300,000. These attempts were unsuccessful.

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“These defendants used their sophisticated cybersecurity training and experience to commit ransomware attacks – the very type of crime that they should have been working to stop,” said Assistant Attorney General A. Tysen Duva of the DoJ’s Criminal Division.

Since all five companies were engaged in interstate commerce, the case falls under federal jurisdiction. The payments were allegedly laundered through multiple cryptocurrency wallets to hide their origins.

The three are facing serious prison time. They are being charged with “conspiracy to interfere with interstate commerce by extortion”, “interference with ecommerce by extortion”, and “intentional damage to a protected computer”. The first two carry prison sentences of up to 20 years, while the third one 10 years.