Connect with us

Hi, what are you looking for?



Canadian Man Sentenced to Prison for Ransomware Attacks

Matthew Philbert was sentenced to two years for launching cyberattacks on Canadian businesses and government entities.

A Canadian involved in numerous ransomware and other types of cyberattacks against businesses, government entities, and individuals in Canada was sentenced last week to two years in prison.

The man, Matthew Philbert, 33, of Ottawa, Ontario, was arrested by the Ontario Provincial Police in November 2021, following a 23-month investigation, being charged with fraud, computer intrusions, and intent to perform computer intrusions.

In December 2021, the US Department of Justice also announced charges against Philbert. According to the indictment (PDF), his actions could have impacted “the medical examination, diagnosis, treatment and care of one or more individuals”.

Named by the Canadian authorities the “most prolific cybercriminal” identified in the country, Philbert admitted in court in October 2023 to launching cyberattacks targeting over 1,000 entities, including a municipality, police departments, and a school.

His modus operandi involved phishing emails carrying malicious attachments designed to drop malware that would provide Philbert with full control over the victims’ machines.

The investigators discovered that he received payments in Bitcoin as a result of at least four ransomware attacks.

Philbert is estimated to have caused losses of just over $49,000. Most of his victims, however, did not lose money.

Law enforcement’s investigation into Philbert’s cybercriminal activities also revealed that he provided access to stolen credentials to third parties.

Advertisement. Scroll to continue reading.

Related: Russian TrickBot Malware Developer Sentenced to Prison in US

Related: Owner of Cybercrime Website BreachForums Sentenced to Supervised Release

Related: Los Angeles SIM Swapper Sentenced to 8 Years in Prison

Written By

Ionut Arghire is an international correspondent for SecurityWeek.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Data Breaches

Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups. 

Data Breaches

KFC and Taco Bell parent company Yum Brands says personal information was compromised in a January 2023 ransomware attack.


Alphv/BlackCat ransomware group files SEC complaint against MeridianLink over its failure to disclose an alleged data breach caused by the hackers.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.