One of the worlds largest surfing based brands has come under the eye of hackers after they gained access to its database via a exploitable wordpress installation. The attack is on billabong and the exact domain and exploit has not been released yet. The attack was announced from the @GoatseSec twitter account stating that over 37,000 user credentials are at risk of being leaked. > @Cyber_War_News BillaBong databases attacked & hacked by GoatseSec, 37.000+ users at risk. – https://pastebin.com/ESdhhTcW –#GoatseSec
The leak was posted to pastebin with a short message for billabong and a small dump of database information as well as the administration accounts which have encrypted passwords.
We goatsesec hold valuable information from the BillaBong database, we recently accessed the database from a PHP security flaw and figured that we’d exploit it. Also, more than 37,000 users are at risk due to this attack, we have a little spoiler for you, hours from now or even DAYS you will see the damage that can be done to a website because they cannot secure themselves. #GoatseSec
So within an unknown amount of time we are expecting more data to be released from these databases which have the table name "north_shore_chronicles_wp" which gives small hint as to which part of the billabong websites has been breached. Its not the first time billabong has been hit by hackers with an attack earlier in the year that resulted in the dumping of thousands of clear text passwords from a billabong based server. The leak file ends with yet another warning to billabong.
This is only the beginning, these 2 upcoming weeks are going to be hell for billabong, expect us.
Updates to come as more information comes to light. https://pastebin.com/ESdhhTcW