Aweber Hacked; Email Addresses Stolen

As discussed here, here, and confirmed here, the email service provider Aweber was the victim of some sort of cyber-attack that resulted in bad guys getting access to email addresses stored in the Aweber system. This was tracked by way of spam starting to be received at unique addresses only given to various companies using Aweber for their email list management.

Not good news at all, for anyone involved. What can you do about it? I'm not sure, to be honest. There is no easy answer; no way to undo this. If anything comes to mind, I'll be happy to share it here. And to my readers, if you have any ideas on what an ESP's client should do if their ESP gets hacked, resulting in the loss of list data, please feel free to share in comments.

3 comments:

Mike said...

If your trusted partner has a security breach that compromises your data, it's almost always because the partner wasn't exercising due care. A partner that doesn't exercise due care should become your former partner.

I have no information about this particular event other than what was posted here; it's possible that Aweber did everything right and was still a victim.

Al Iverson said...

If you have no information, I'm not sure how wise it is to speculate about how it must be the partner's fault. Even good guys get robbed sometimes. I'm not saying they're excused from blame or consideration for blame, but until I know more I'm more likely to say "I need to know more" instead of blaming them.

23539697 said...

This is an old post, but guess what, it happened again!
AWeber Database Hacked, Email Addresses Stolen. Again.

I think I'm with Mike here. Once - maybe the hacker just had a really lucky shot. Twice - there's something wrong with your approach to security!

(BTW, that's my ICQ number up there after I signed in with AIM, can't comment with my own name :-( I'm Mike.)