Romanian Hacker Sentenced to 56 Months for Selling Access to Oregon State Network

Overview

• The defendant, Catalin Dragomir, received a 56-month federal prison term and three years of supervised release after a sentencing hearing that concluded this week on May 27, 2026.
• Dragomir pleaded guilty on Feb. 19 to obtaining information from a protected computer and aggravated identity theft, a charge that carries a mandatory consecutive term and helped determine his overall sentence.
• Prosecutors say Dragomir gained unauthorized admin access to an Oregon state government computer in June 2021, sold that access while showing buyers samples of personal data, and negotiated at least one $3,000 Bitcoin sale.
• U.S. authorities say he also sold access to the networks of roughly a dozen other U.S. victims, causing at least $250,000 in losses, and the case prompted cooperation between the DOJ, the FBI, Romanian justice officials, and private firm Darkweb IQ.
• The case illustrates the transactional ‘access-for-sale’ criminal model that lets outsiders buy administrative entry to government and corporate networks and it underscores growing U.S. use of extradition and private intelligence to disrupt cross-border cybercrime.