Hackers have stolen and published 21,485 clear text passwords from a Billabong customer database in what the Aussie surfwear icon has described as an "extremely serious matter".
The clear-text passwords were uploaded to a codepaste site for #WikiBoatWednesday, an event popular in hacktivist Twitter circles, for which groups publish stolen data caches online.
The hackers also released administrator database tables and other information, including hashed passwords.
Billabong was unaware of the breach until notified by iTnews' sister publication SC Magazine last week.
A spokesperson noted that the breached customer database contained "personal information of certain customers of the website, but no financial data".