Billabong, a huge brand in the sports of skateboarding and surfing, has been hacked today after the hackers gained access to the database via an exploitable WordPress installation. The domain and the exploit the hackers used to gain access have not been released yet. @GoatseSec claims responsibility for this hack; they posted a status on their Twitter page after the act, and you can view the tweet at the bottom of this post.
GoatseSec also posted a Pastebin containing more information about the hack. Account data and password hashes were leaked, totaling 11 user accounts.
GoatseSec said that, in addition to the 11 leaked user accounts, they have more data that they will be releasing and dumping to Pastebin.
We expect more data to be released from these databases, though it is unknown when. The databases have the table name “north_shore_chronicles_wp”, which gives a small hint as to which part of the Billabong websites has been breached.
You can view some of the dump on Pastebin below.
==============================================================================================================
_____ _ _____
/ ____| | | / ____|
| | __ ___ __ _| |_ ___ ___| (___ ___ ___
| | |_ |/ _ \ / _` | __/ __|/ _ \\___ \ / _ \/ __|
| |__| | (_) | (_| | |_\__ \ __/____) | __/ (__
\_____|\___/ \__,_|\__|___/\___|_____/ \___|\___|
Episode : 1 [Pt. 1]
Title : Pwnin' the bongs.
Author(S) : TylerOfGoatseSec & RobTheGod (Catch me on IRC)
==============================================================================================================
We goatsesec hold valuable information from the BillaBong database, we recently accessed the database from a PHP security flaw and figured that we'd exploit it. Also, more than 37,000 users are at risk due to this attack, we have a little spoiler for you, hours from now or even DAYS you will see the damage that can be done to a website because they cannot secure themselves. #GoatseSec
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
SPOILER
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
https://twitter.com/GoatseSec/status/259390864604942336