FBI Accuses Fired White Hat Hacking Pros Of Carrying Out Illegal Cyberattacks On US Companies

It's like something out of a contemporary spy novel: Two cybersecurity professionals that worked to help businesses fend off hackers have now been accused of being cybercriminals themselves. The FBI and federal prosecutors allege that two cybersecurity firms' former employees took part in a yearlong conspiracy to hack and extort multiple U.S. companies for millions of dollars in total.

Per an indictment unsealed in the Southern District of Florida: The men are being charged with conspiracy to interfere with interstate commerce by extortion, interference with interstate commerce, and intentional damage to a protected computer. Prosecutors claim that between May 2023 and April 2025, the two acted alongside an unnamed co-conspirator to use ransomware cyberattacks on at least five companies across several U.S. states. The FBI says the suspects would lock the victims' networks and demand multi-million-dollar cryptocurrency ransoms using software from ALPHV (a notorious ransomware group also known as BlackCat or Noberus— the same ones who claimed to breach Bandai's systems back in 2022).

Both DigitalMint, a Chicago-based firm that specializes in ransomware negotiation, and Sygnia Cybersecurity Services, a multinational incident response company, have confirmed that the accused men were former employees of theirs. However, both denied any corporate involvement in the scheme. Sygnia dismissed their now-former employee as soon as the company found out about the allegations, and, for its part, DigitalMint had already terminated the accused and another unidentified employee months before the indictments even came through.

Speaking of which: The indictment accuses the men of demanding $10 million from a Florida medical company, of which they reportedly received about $1.2 million in crypto. Allegedly, that money was then mixed and laundered through multiple wallets to hide the source of the funds. The group was also accused of targeting a Maryland pharmaceutical company, a California engineering firm, a Virginia drone manufacturer, and a California medical office for additional payouts ranging anywhere from $300,000 to $5 million.

Only one of these attacks was apparently successful, but nevertheless, prosecutors view the operation as a major violation of trust (not to mention the law). After all, cybersecurity experts are there to defend their clients from the exact spread of malware they allegedly did. DigitalMint's former employee has pleaded not guilty, but the one-time Sygnia employee has told investigators he was indeed involved in the ransomware scheme, reportedly to try and get out of debt. If they're convicted, both would likely face time in federal prison. For now, though, they're presumed innocent until proven guilty in court.