Cybercrime Romanian Hacker Pleads Guilty to Selling Access to US State Network Catalin Dragomir admitted in a US court to selling access to an Oregon state government office’s network. By Ionut Arghire | February 23, 2026 (6:53 AM ET) Flipboard Reddit Whatsapp Whatsapp Email A Romanian national pleaded guilty in a US court to selling unauthorized access to an Oregon state government office’s network. The man, Catalin Dragomir, 45, of Constanta, Romania, obtained access to the computer network in June 2021. The hacker allegedly advertised admin access to the state’s emergency management department, negotiated a $3,000 sale in Bitcoin, and accessed the network several times to prove the legitimacy of his claim. According to court documents, Dragomir provided a prospective buyer with samples of personal identifying information extracted from the compromised network, including an employee’s login information, name, email address, and Social Security number. He is also accused of hacking into and selling access to the networks of 10 other victims in the US. Documents presented in court allege that his actions caused at least $250,000 in losses. Dragomir was extradited to the US in January 2025, after being arrested in Romania in November 2024. He is scheduled for sentencing on May 26. Advertisement. Scroll to continue reading. In May 2024, Dragomir was charged with five counts of obtaining information from a protected computer, aggravated identity theft, and money laundering. On Friday, the US Department of Justice announced that Dragomir pleaded guilty to information theft and aggravated identity theft, and that he agreed to pay full restitution to his victims. Dragomir faces up to seven years in prison (five years for information theft and a mandatory consecutive two-year sentence for identity theft), a fine of up to $250,000, and one year of supervised release. Related: Tennessee Man Pleads Guilty to Repeatedly Hacking Supreme Court’s Filing System Related: Two US Cybersecurity Pros Plead Guilty Over Ransomware Attacks Related: Dutch Port Hacker Sentenced to Prison Related: Ukrainian Nefilim Ransomware Affiliate Pleads Guilty in US Written By Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. More from Ionut Arghire Over 300 Malicious Chrome Extensions Caught Leaking or Stealing User Data Dutch Carrier Odido Discloses Data Breach Impacting 6 Million CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities Chrome 145 Patches 11 Vulnerabilities ApolloMD Data Breach Impacts 626,000 Individuals Microsoft to Enable ‘Windows Baseline Security’ With New Runtime Integrity Safeguards Nucleus Raises $20 Million for Exposure Management Apple Patches iOS Zero-Day Exploited in ‘Extremely Sophisticated Attack’ Latest News Autonomous AI Agents Provide New Class of Supply Chain Attack Hundreds of FortiGate Firewalls Hacked in AI-Powered Attacks: AWS Recent RoundCube Webmail Vulnerability Exploited in Attacks Mississippi Hospital System Closes All Clinics After Ransomware Attack PayPal Data Breach Led to Fraudulent Transactions Critical Grandstream Phone Vulnerability Exposes Calls to Interception NIST’s Quantum Breakthrough: Single Photons Produced on a Chip In Other News: Ransomware Shuts US Clinics, ICS Vulnerability Surge, European Parliament Bans AI Trending Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Identity Under Attack: Why Every Business Must Respond Now February 11, 2026 Attendees will walk away with guidance for how to build robust identity defenses, unify them under a consistent security model, and ensure business operations move quickly without compromise. Register Virtual Event: Ransomware Resilience & Recovery 2026 Summit February 25, 2026 SecurityWeek’s 2026 Ransomware Summit will discuss a roadmap for defending the enterprise, from mitigating root causes to mastering recovery, giving security teams the critical insights needed to navigate and neutralize today’s ransomware extortion threats. Submit People on the Move Wealth management platform Envestnet announced the appointment of Rich Friedberg as CISO. Yuneeb Khan has been named Chief Financial Officer of KnowBe4, succeeding Bob Reich, who is retiring. Cyera has appointed Brandon Sweeney as President, Shira Azran as Chief Legal Officer and Joseph Iantosca as Chief Financial Officer. More People On The Move Expert Insights How to Eliminate the Technical Debt of Insecure AI-Assisted Software Development Developers must view AI as a collaborator to be closely monitored, rather than an autonomous entity to be unleashed. Without such a mindset, crippling tech debt is inevitable. (Matias Madou) Security in the Dark: Recognizing the Signs of Hidden Information Security failures don’t always start with attackers, sometimes they start with missing truth. (Joshua Goldfarb) Living off the AI: The Next Evolution of Attacker Tradecraft Living off the AI isn’t a hypothetical but a natural continuation of the tradecraft we’ve all been defending against, now mapped onto assistants, agents, and MCP. (Etay Maor) Why We Can’t Let AI Take the Wheel of Cyber Defense The fastest way to squander the promise of AI is to mistake automation for assurance, and novelty for resilience. (Steve Durbin) The Upside Down is Real: What Stranger Things Teaches Us About Modern Cybersecurity To all those who are fighting the good fight in the world of cyber, keep collaborating to ensure our world never succumbs to the chaos of the Upside Down. (Nadir Izrael) Flipboard Reddit Whatsapp Whatsapp Email