As if surf industry giant Billabong hasn’t been receiving enough bad news mainly from their financial difficulties, incompetent management and takeover speculation, now comes word that hackers broke into Billabong’s website and stole over 21,000 passwords from the website’s users and customers and published them online.

According to Australian news publication iTWire, Billabong stored the details of their website users in plain text, a huge mistake given the relative ease hackers have in stealing the information.  The reported reasoning for Billabong doing this is to make it easier to provide passwords to any customers and users who had requested a password after losing it.  This also made it easier for hackers to steal over 21,000 passwords and dump them online for public access.

In essence, the report shows that Billabong offered the most basic of security systems to protect anyone with an account on their website that included an email address and password. What makes the story even more egregious is the fact that Billabong wasn’t even aware of the password hack until a publication called SC Magazine that provides Information Technology news brought the matter to Billabong’s attention.

"At this stage, we understand that the customer database contains personal information of certain customers of the website, but no financial data.  We view this attack as an extremely serious matter and have taken urgent action to contain the incident and prevent further attacks occurring,” a Billabong representative told SC Magazine.  “We are continuing to gather information about the incident and to establish the extent and nature of the data that may have been accessed.  We will take further appropriate measures as new information comes to light".

Billabong reports that all the accounts with stolen passwords have been deactivated.  However, the news of the relative ease of hackers stealing and publishing over 21,000 passwords from Billabong’s website coupled with Billabong being completely unaware of the website breach until a news publication notified them of the story further validates reports of utter incompetency at Billabong’s highest levels of management.  Billabong has yet to address the news on their website.