ElDorado Ransomware Strikes CelPlan Technologies: Data Breach Threat

Incident Date:

June 6, 2024

World map

Overview

Title

ElDorado Ransomware Strikes CelPlan Technologies: Data Breach Threat

Victim

CelPlan Technologies

Attacker

ElDorado

Location

Reston, USA

Virginia, USA

First Reported

June 6, 2024

ElDorado Ransomware Attack on CelPlan Technologies

Overview of CelPlan Technologies

CelPlan Technologies, Inc., headquartered in Reston, Virginia, is a prominent provider of wireless network solutions. Founded in 1992, the company specializes in the design, optimization, and implementation of wireless communication systems, including 4G LTE, 5G, and private networks. With a workforce of over 231 employees and a revenue of less than $5 million, CelPlan serves mobile operators, enterprises, and government agencies globally. Their comprehensive services range from network planning and optimization to consulting and training, making them a leader in the telecommunications sector.

Details of the Ransomware Attack

The ransomware group ElDorado has claimed responsibility for a recent attack on CelPlan Technologies. The attack resulted in the exfiltration of 99.4GB of sensitive data, which has been put up for sale on ElDorado's dark web leak site. The group employs a double-extortion tactic, encrypting files and threatening to release stolen data if ransom demands are not met. The attack has significantly impacted CelPlan, given their critical role in wireless network solutions.

About ElDorado Ransomware Group

ElDorado emerged in 2024 and quickly gained notoriety through a series of high-profile attacks. Known for their meticulous targeting and sophisticated techniques, they use phishing, unpatched vulnerabilities, and RDP exploits to infiltrate systems. Their ransom notes, typically named HOW_RETURN_YOUR_DATA.TXT, threaten ongoing attacks and data leaks if demands are not met. ElDorado's aggressive approach and advanced tactics make them a formidable threat in the ransomware landscape.

Potential Vulnerabilities

CelPlan's extensive involvement in wireless network design and optimization makes them a valuable target for ransomware groups like ElDorado. The company's reliance on advanced software tools and data analytics could present vulnerabilities if not adequately secured. Additionally, their global operations and partnerships may expose them to supply chain attacks, further increasing their risk profile.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.