Former Cybersecurity Employees Indicted in Medical Device Company Hack

Written by Christian Espinosa

Cybercriminals aren’t always who you expect. Most people believe hackers fit the mold from Hollywood movies. They’re either fringe radicals or nation-state actors. The reality is much more vanilla. Recently, two former cybersecurity firm employees were indicted and accused of hacking multiple firms and extorting them.

The Details: Medical Device Firm and Pharma Company Were Targets

Kevin Martin and Ryan Goldberg are the two men facing federal charges. Their targets included a medical device company and a pharmaceutical business. They demanded $10 million from the medical device maker in exchange for unlocking its data in a ransomware scheme. Reports are that they did receive $1.27 million.

Martin worked for DigitalMint, an organization specializing in negotiating ransomware incidents. Goldberg was an employee of Sygnia Cybersecurity Services. Both companies have denied any wrongdoing and swiftly terminated the employees. They are cooperating with the investigation. But how does this behavior go undetected?

Were These Guys That Good at Masking Who They Were?

Reading this story reminds me of all the dynamics at play among those who are in the cybersecurity industry. I wrote a book all about it: The Smartest Person in the Room.

There is often bravado and arrogance from those in the industry. They are geniuses and untouchable; no one can figure them out. It’s not hard to identify these types of folks. While we don’t know the specifics of the two men accused, we can all attest that being a ransomware negotiator by day and attacking systems by night requires a level of egotism that is staggering.

This case is so unique and concerning. We don’t know anything outside of the story from the Chicago Sun-Times, but I have some thoughts on why it happened and what we all need to be thinking about right now when it comes to employees being hackers.

What Happened in the Medical Device Company Hack?

How did these criminals successfully launch ransomware? There are many different ways to deliver ransomware, which is malware that infiltrates a network and then locks it. The company would have lost access to its assets, at which point the criminals send a ransom demand.

Unfortunately, most ransomware, across all industries, starts with an errant click or download by an employee. Phishing emails are certainly more advanced these days, but any medical device company would have programs in place to educate employees.

Additionally, with the Food & Drug Administration’s newest guidance on cybersecurity, the industry must be vigilant about everything. The incident occurred in 2023, and the FDA had guidelines in place then. They were most recently updated in June of 2025.

Besides human error, ransomware attacks are often the product of exploiting vulnerabilities. The weakness could have been in the software, operating systems, or networks. There’s no information that any devices were hacked, just the company, but that doesn’t bode well for businesses that are trusted to be cyber secure.

The FDA has more and more requirements for medical device manufacturers. They must provide a software bill of materials (SBOM) with their pre-market submission. They must also constantly monitor products once they are in use and have a patching program to remediate any vulnerabilities identified.

Medical Device Companies: Cybersecurity Must Be a Foundation

It’s a good reminder that as a manufacturer, not only do your devices need to be secure by design, but your entire company and digital footprint must be too. Cybersecurity isn’t just something you can practice with the products you build. It must be a foundation of your culture and vision.

This is a stunning story, but one that delivers a crucial lesson. If you have questions about reducing the threat of ransomware, let’s talk about it.

About Christian Espinosa

Christian Espinosa is the Founder and CEO of Blue Goat Cyber, where he helps medical device manufacturers build secure, FDA-ready products that protect both patients and brands. He’s a U.S. Air Force veteran and bestselling author of The Smartest Person in the Room and The In-Between: Life in the Micro, blending technical, leadership, and mindset lessons. When he’s not working with clients, Christian is likely chasing extreme sports, exploring a new corner of the world, or training toward his goal of competing in an F4 race.