A threat actor has allegedly breached and leaked the database of the New Zealand Cruise Association (NZCA). The NZCA is a significant organization based in New Zealand, serving as the leading industry body for the country’s cruise sector. It represents major international cruise lines, local tourism operators, and port authorities, playing a crucial role in one of the nation’s key tourism areas. The breach appears to originate from a compromised WordPress e-commerce instance; the attacker claims the system’s security was outdated, which allowed a full exfiltration of the database.
The cybercriminal posted evidence of the breach on a forum, detailing the structure of the compromised data. The leak allegedly contains sensitive personal and operational information belonging to the association’s members, including prominent companies and staff. The exposure of this data, particularly administrative accounts and session tokens, could lead to further targeted cyberattacks, phishing campaigns, and potential identity theft against the individuals and companies involved.
The allegedly leaked data includes:
- User login credentials, emails, hashed passwords, and roles
- Customer billing and shipping information (name, address, phone, email)
- WooCommerce metadata and session tokens
- Administrator and moderator account details











