Two recent cases — a landmark ransomware sentencing and a nursing home data breach settlement — reveal both sides of healthcare cyber risk: the attacker economy that makes these strikes inevitable, and the provider liability model that makes the aftermath so costly. Here is what each one means for your organization.
The Headlines You Can’t Ignore
In May 2026, two American citizens — Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas — were each sentenced to four years in federal prison for their roles as affiliates of the BlackCat (ALPHV) ransomware group. A third co-conspirator, Angelo Martino, 41, of Florida, is awaiting sentencing on July 9, 2026.
Between April and December 2023, the three men operated as paid contractors for one of the most destructive ransomware operations in history. Under the affiliate model, they kept 80% of every ransom payment and forwarded 20% to the BlackCat group in exchange for access to the ransomware encryptor and supporting attack infrastructure.
Meanwhile, Dove Healthcare Management Services — a Wisconsin-based provider of nursing and rehabilitation care, assisted living, and palliative care — agreed to settle class action litigation stemming from a July 2024 cyberattack. The breach exposed names, dates of birth, Social Security numbers, driver’s license numbers, full-face photographs, health information, and health insurance information of patients and employees. Notifications went out on March 18, 2025 — nearly nine months after the initial intrusion. By March 26, class action lawsuits had already been filed..
Discover more from Doctor Trusted
Subscribe to get the latest posts sent to your email.
