As discussed here, here, and confirmed here, the email service provider Aweber was the victim of some sort of cyber-attack that resulted in bad guys getting access to email addresses stored in the Aweber system. This was tracked by way of spam starting to be received at unique addresses only given to various companies using Aweber for their email list management.
Not good news at all, for anyone involved. What can you do about it? I'm not sure, to be honest. There is no easy answer; no way to undo this. If anything comes to mind, I'll be happy to share it here. And to my readers, if you have any ideas on what an ESP's client should do if their ESP gets hacked, resulting in the loss of list data, please feel free to share in comments.