The New hacking vector: Surfing

Rip Curl, the famous surfing brand, has suffered a data breach

On November 23, 2022, the Kaduu CTI team was conducting a routine search and analysis of the latest data breaches to be found in the darknet. We were surprised to identify during this process a new data breach allegedly associated, according to the threat actor, with the Rip Curl brand.

Rip Curl is a designer, manufacturer, and retailer of surfing sportswear and accompanying products, and a major athletic sponsor. It has become one of the largest surfing companies in Australia, Europe, South America, North America and South Africa.

Globally, Rip Curl is considered to be one of the “Big Three” in the surf industry, alongside Quiksilver and Billabong

The company has previously not been seen to be involved in any cyber security incidents, nor have they been breached – fully or partially – before.

^{Photo by Austin Neill}

Data Breach Details

The data obtained from a threat actor consists of 37k customers’ personal information, as well as 200k order details. The latest pieces of information are dated as of March 27, 2022.

The customer part of the database exposes the following sensitive information:

FirstName, LastName, Email, DateOfBirth, ShippingStreet1, ShippingStreet2, ShippingCity, ShippingCountry, ShippingPostcode, BillingFirstName, BillingLastName, BillingStreet1, BillingStreet2, BillingCity, BillingCountry, BillingPostcode, DateCreated, TimeCreated

Alongside sensitive customer data, a file called “Rip Curl Store San Sebastien.xlsx” is shared. It consists of names of partner-stores that apparently sell Rip Curl products. The table exposes email addresses, phone numbers, physical addresses of the partner stores, websites, exact locations: latitude and longitude, working hours and something that is called “UrlFriendlyTitle”.

_{screenshot of “Rip Curl Store San Sebastien.xlsx” table}

The data, as seen from the files, concerns only European shops and their respective clients.

At the time of writing this article the company had not released any statements about the incident, nor denied it.

Make sure to read our previous article on virtual credit cards data leak.

Stay up to date with exposed information online. Kaduu with its cyber threat intelligence service offers an affordable insight into the darknet, social media and deep web.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.