DigitalMint
US cryptocurrency compliance and ransomware negotiation firm; negotiator Kevin Martin pleaded guilty to using ALPHV/BlackCat against clients.
Last refreshed: 17 April 2026 · Appears in 1 active topic
Why should ransomware victims check the background of the firm they hire to negotiate?
Timeline for DigitalMint
IR staff pleaded guilty to using ALPHV
Cybersecurity: Threats and Defences- What did DigitalMint's employee do with ransomware?
- Kevin Martin, a ransomware negotiator at DigitalMint, pleaded guilty to using ALPHV/BlackCat ransomware against US victims in 2023 by exploiting his negotiator access to victim organisations. He conspired with Ryan Goldberg of incident-response firm Sygnia.Source: DOJ
Background
DigitalMint is a US Cryptocurrency compliance and ransomware negotiation company whose employee Kevin Martin pleaded guilty to using the ALPHV/BlackCat ransomware family against US victims between April and December 2023. Martin conspired with Ryan Goldberg of Sygnia in a scheme that exploited both the negotiator's and the IR professional's privileged access to victim organisations.
DigitalMint provides services including Cryptocurrency tracing, compliance consulting and ransomware payment facilitation. Ransomware negotiators occupy an inherently sensitive position: they are engaged by breach victims to manage communications with ransomware operators and advise on payment decisions. Their knowledge of victim financial posture, insurance coverage and negotiation strategy makes them a valuable insider source for attackers.
The Martin-Goldberg case establishes ransomware negotiation firms alongside IR firms as insider-threat-relevant vendors for organisations managing a ransomware incident. For CISOs and legal teams engaging negotiators, the case creates a specific due-diligence obligation: negotiator background checks, conflict-of-interest declarations and contractual limitations on information use must now be standard engagement terms.