A Latvian national was sentenced to 102 months for his role in a Russian ransomware organization. DOJ said the group stole from and extorted more than 54 companies, using stolen data to force ransom payments.

The DOJ reported the sentencing of a Latvian national to 102 months in connection with participation in a Russian ransomware organization. Prosecutors alleged the group hacked and extracted data from dozens of targets—DOJ stated it extorted over 54 companies—then leveraged the stolen information to pressure victims into paying. The case highlights a ransomware business model that treats data theft and extortion as a primary tactic, not merely an endpoint. DOJ’s account also included examples of disruptive impacts from the hacks, including a government entity’s 911 system being forced offline, illustrating how ransomware campaigns can escalate into critical-service outages. Prosecutors further described how stolen sensitive data was used as leverage, increasing the likelihood that victims would comply with extortion demands. The sentencing reflects continued U.S. enforcement against cybercrime actors tied to major ransomware operations, including those operating internationally. For organizations, the story underscores the risk of both operational disruption and data-driven coercion. For consumers, the broader takeaway is that ransomware campaigns frequently rely on stolen personal information and coercive pressure methods, making victim preparedness and incident response essential.