SparkList confirms e-mail address theft
An internal investigation into complaints about spam revealed that the lists were compromised in March, SparkList COO Steven Brown said in an e-mail to clients on Tuesday.
"This incident does not appear to be a technical, widespread compromise of SparkList servers, due to the fact that most lists were not compromised," Brown said.
SparkList, which was acquired by Lyris Technologies in August, said it suspected former employees were responsible for the theft of addresses because only a small portion of the database was compromised. "An outside entity would not limit itself to a small subset of the addresses available," Brown said.
After the acquisition, Lyris hired only three of SparkList's 20 to 25 employees, Brown had said previously.
SparkList said the organization sending the spam was a "well-known spammer" and that it was exploring its legal options in relation to anti-spam laws. It also said it was assisting law enforcement officials in the investigation.
The company hired Word to the Wise, an outside consulting firm, to investigate the matter after current and former Lyris customers
SparkList executives were not immediately available for comment.
Security vulnerabilities on the Web are not a new thing. A hack at Amazon.com-owned Bibliofind last year
Spam, or unsolicited e-mail, has been overwhelming the servers and in-boxes of many Net users, forcing some companies and organizations to take