E-mail marketing service Campaign Monitor has been attacked and some accounts have been compromised. The company labeled this as a deliberate, planned and complex intrusion and they are still in the process of handling the impact.
The main attack took place over this weekend, for a few hours on Saturday and Sunday and continuing into this week. Technical details are still sketchy but essentially one of the Campaign Monitor servers was compromised, and that gave the attacker enough access to be able to get into a few customer accounts.
Once the intruder had access, he imported his own lists, and managed to send spam to those lists and in some cases the lists already in the account.
All account owners have been warned about the situation and the company promised to share other relevant details as the become available.