The New hacking vector: Surfing

Rip Curl, the famous surfing brand, has suffered a data breach

On November 23, 2022, the Kaduu CTI team was conducting a routine search and analysis of the latest data breaches to be found in the darknet. We were surprised to identify during this process a new data breach allegedly associated, according to the threat actor, with the Rip Curl brand.

Rip Curl is a designer, manufacturer, and retailer of surfing sportswear and accompanying products, and a major athletic sponsor. It has become one of the largest surfing companies in Australia, Europe, South America, North America and South Africa.

Globally, Rip Curl is considered to be one of the “Big Three” in the surf industry, alongside Quiksilver and Billabong

The company has previously not been seen to be involved in any cyber security incidents, nor have they been breached – fully or partially – before.

Photo by Austin Neill 

Data Breach Details

The data obtained from a threat actor consists of 37k customers’ personal information, as well as 200k order details. The latest pieces of information are dated as of March 27, 2022.

The customer part of the database exposes the following sensitive information:

FirstName, LastName, Email, DateOfBirth, ShippingStreet1, ShippingStreet2, ShippingCity, ShippingCountry, ShippingPostcode, BillingFirstName, BillingLastName, BillingStreet1, BillingStreet2, BillingCity, BillingCountry, BillingPostcode, DateCreated, TimeCreated

Alongside sensitive customer data, a file called “Rip Curl Store San Sebastien.xlsx” is shared. It consists of names of partner-stores that apparently sell Rip Curl products. The table exposes email addresses, phone numbers, physical addresses of the partner stores, websites, exact locations: latitude and longitude, working hours and something that is called “UrlFriendlyTitle”.

screenshot of “Rip Curl Store San Sebastien.xlsx” table

The data, as seen from the files, concerns only European shops and their respective clients.

At the time of writing this article the company had not released any statements about the incident, nor denied it.

Make sure to read our previous article on virtual credit cards data leak.

Stay up to date with exposed information online. Kaduu with its cyber threat intelligence service offers an affordable insight into the darknet, social media and deep web.