Australian email marketing application developers Campaign Monitor warned on Tuesday that it had been the victim of a hacking attack over the weekend.
Unidentified miscreants broke into servers last weekend and accessed some accounts. These compromised accounts were used to send spam, using lists already in the account and those imported by miscreants.
Campaign Monitor has contacted the people whose accounts were used. It has also begun a security review involving external consultants, designed to prevent a repetition of the attack in future. This review resulted in an outage on Monday.
Credit card details were held on the compromised server, but only in an encrypted form. The main impact of the attack is a backlog of email marketing campaigns, made worse by the blocklisting of Campaign Monitor's systems because of spam runs by the hackers who compromised its systems.
Quite how the attack was carried out remains unclear. Campaign Monitor said the attack was a "deliberate, planned and complex intrusion".