I run Plesk installs with full root access, and even then cannot find much logging info on these kind of breaches.
When they exploit phpBB, it goes through http, and the access will be in your regular web log. However, it will not show anything unusual (other than lots of accesses from Brazil ;-); the logs are not particularly helpful.
Best thing is to assume the breach has happened. Load up the latest version of phpBB to prevent further exploits. Check your system carefully for rootkits and trojans. If you don't know how to do that, you have two choices: find a consultant who can do it; or reload the entire system from scratch.
For serious ecommerce, you need a monitoring service like Scanalert to make sure these things don't happen.
Good Luck.