hmmm... wow, okay.

SO, I've learnt a valuable lesson on what to consider a secure password!

So evidently, even when salted, 8 characters containing letters, numbers and symbols is no-where near secure enough, even when it bares no relation to my username or email address...  in retrospect, something approaching 'leet speak' with perhaps obvious character replacement isn't the wisest choice.

SO you think its probably down to either malware or phising?

I'm not ruling it out but I'd be surprised if it was either.
I consider myself fairly savvy and know I haven't responded to any email phishing (I've certainly binned a few attempts) and have been super wary about watching URL's regarding anything to do with bitcoin. Also I'm not aware of any mac malware, but if anyone knows of any other than the Mac Defender thing I'd like to be enlightened...

Really keen to know exactly how this was done... even if its just to educate me on what to look for!