Three former employees from cybersecurity firms DigitalMint and Sygnia have been indicted for their involvement in BlackCat ransomware attacks against five U.S. companies between May and November 2023. The defendants include 28-year-old Kevin Tyler Martin from Texas, who pleaded not guilty, and 33-year-old Ryan Clifford Goldberg from Georgia, currently in federal custody. They face multiple charges related to extortion and computer damage, which could lead to up to 50 years in prison if convicted. The indictment highlights their alleged role as affiliates of the BlackCat (ALPHV) ransomware group. They reportedly breached the networks of their victims, stole sensitive data, deployed encryption malware, and demanded cryptocurrency ransoms in exchange for decryption keys and confidentiality regarding the stolen data. Victim organizations include a medical device manufacturer in Tampa, a pharmaceutical company in Maryland, and several others across California and Virginia. The attackers made ransom demands ranging from $300,000 to $10 million, but the Tampa firm was the only confirmed payer, settling for $1.27 million after being asked for $10 million. The Department of Justice's investigation into this case follows broader concerns about cybersecurity firms potentially colluding with ransomware gangs. A previous investigation had scrutinized a DigitalMint negotiator for profiting from extortion deals. The FBI has connected BlackCat to over 60 breaches in its early months and reported that the group has earned at least $300 million from more than 1,000 victims by September 2023. Recent advisories from federal agencies have warned that BlackCat specifically targets U.S. healthcare organizations, indicating a trend that could have serious implications for the sector.