Ransomware Negotiator Sentenced for Leaking Client Data to BlackCat Hackers
Angelo Martino, a ransomware negotiator at DigitalMint, was sentenced to 70 months for conspiring with BlackCat affiliates. He leaked client insurance limits and negotiation strategies, driving ransoms higher. Five victims paid over $75 million.
Angelo Martino, a 41-year-old ransomware negotiator hired to help companies fight hackers, was sentenced to 70 months in prison on July 11, 2026, for secretly working with the BlackCat ransomware group. Prosecutors said he used his position at DigitalMint to leak confidential client data and drive up ransom payments.
Between April and September 2023, five of Martino's clients paid more than $75 million to BlackCat affiliates. Court filings show that Martino shared victims' insurance policy limits and internal negotiation positions with attackers, enabling them to demand higher ransoms.
How the Scheme Worked
Martino communicated with BlackCat operators through multiple channels. Alongside standard negotiation chats visible to victims, he used a separate intermediary function within BlackCat's panel and the encrypted messaging platform Tox. These hidden channels allowed him to exchange information without the victims' knowledge.
In exchange for the data, Martino received a portion of the ransom payments in cryptocurrency. He later obtained affiliate access to BlackCat's ransomware platform in May 2023, which he shared with two co-conspirators, Kevin Martin and Ryan Goldberg. Together, they launched additional attacks beyond Martino's client base.
- One victim, a medical device company, paid $1.2 million after an attack using Martino's affiliate credentials.
- Other victims across financial services, healthcare, retail, hospitality, and nonprofits suffered operational disruptions and financial losses.
- Martin and Goldberg each received four-year prison sentences earlier in 2026.
- The FBI seized millions in cryptocurrency from Martino, but he had already converted some into two homes, a boat, and several vehicles.
- Martino was ordered to forfeit the property and pay 10% of his income after release.
Fallout and Industry Implications
DigitalMint, the firm that employed Martino, said it was unaware of his actions and described itself as an unknowing victim. The company terminated the employees involved after the Department of Justice contacted them and cooperated with investigators. Martino bypassed internal safeguards by using unauthorized communication channels not visible within DigitalMint's systems.
FBI Cyber Division Assistant Director Brett Leatherman emphasized the breach of trust. "Angelo Martino sold out the very victims he was hired to represent, handing their confidential negotiating positions to BlackCat actors to drive up ransoms and enrich himself," he said. The case highlights the vulnerability of the ransomware negotiation process, where third-party intermediaries hold sensitive data that can be weaponized. Martino had requested a 24-month sentence, citing cooperation, but the court imposed the longer term. His co-conspirators' earlier sentences and the forfeiture orders signal that law enforcement is pursuing all layers of the ransomware supply chain.
Fact check
-
Angelo Martino was sentenced to 70 months in prison.
reported · source
-
Five clients paid more than $75 million to BlackCat affiliates between April and September 2023.
reported · source
-
Martino used an intermediary function within BlackCat's panel and the Tox encrypted messaging platform to communicate with attackers.
reported · source
-
Martino obtained affiliate access to BlackCat's ransomware platform in May 2023.
reported · source
-
Co-conspirators Kevin Martin and Ryan Goldberg were each sentenced to four years in prison.
reported · source
Source reporting (1)
Join the conversation
You need to be registered and logged in to comment on blog articles.
Related Articles
Hack Exposes Suno AI's Training Data: Millions of Songs Scraped from YouTube, Deezer, and Genius
Jul 15, 2026
Microsoft Patch Tuesday July 2026 Sets All-Time Record With 570 Flaws Fixed
Jul 15, 2026
DHS Breach Missed for Weeks, German Firm Collapses as Cyber Threats Escalate Across Sectors
Jul 13, 2026
0 Comments
No comments yet
Be the first to share your thoughts on this article.