- Email Marketing Tips - http://www.aweber.com/blog -
How We’ve Addressed The Recent Data Compromise
Posted By Justin Premick On December 21, 2009 @ 5:21 pm In Uncategorized | Comments Disabled
December 21, 2009
AWeber was recently the victim of an intentional attack to mine email addresses.
We’d like to take this opportunity to share what happened, what was (and was not) affected and what we’re doing as a result of this attack.
We use a variety of pieces of software to run different parts of our service and provide support to customers. Some of these are tools we have developed ourselves; others are third-party ones that we license from other companies.
By exploiting and combining vulnerabilities in two separate third-party software systems, the perpetrators managed to gain access to a part of our system where subscriber email addresses are stored.
We have received reports of some of those email addresses receiving spam messages. While the volume of these reports is low, we are treating this incident with the utmost seriousness and addressing it fully.
We have reason to believe that the party responsible for this was either directly or indirectly a part of an overseas organized group.
As noted above, the information that was exported was strictly subscribers’ email addresses.
All other customer information was and still remains secure and unaffected:
Additionally, while the perpetrators did acquire some email addresses, the AWeber system was NOT used to send out any spam email on behalf of these perpetrators. Any spam sent to these subscribers was sent via the perpetrators’ own systems. This is important to note because this means it will not affect deliverability rates.
We have identified and fixed the vulnerabilities that were used in the attack.
Additionally, we are evaluating other options for these and other third-party softwares that we use to determine if there any other solutions that offer further protections.
As you know, AWeber is staunchly opposed to spam. We take great pains to make sure that our customers engage solely in permission-based email marketing and utilize best practices. We participate in and learn from communities such as the Messaging Anti-Abuse Working Group to help fight the global messaging abuse problem.
We’re very sorry this occurred and may have affected you. We have taken extra steps beyond fixing the problem to ensure that such a breach cannot occur again.
We appreciate the trust and support our customers have expressed throughout the process of investigating this event and reinforcing the security of our systems.
Those wishing to reach us with specific questions regarding this attack are encouraged to call our Customer Solutions Team , who will immediately address your concerns.
US Phone: 877-AWEBER-1
International Phone: +1 215-825-2196
Email: http://www.aweber.com/contact-us.htm 
Article printed from Email Marketing Tips: http://www.aweber.com/blog
URL to article: http://www.aweber.com/blog/uncategorized/data-compromise.htm
URLs in this post:
 Customer Solutions Team: http://www.aweber.com/contact-us.htm
Copyright © 2008 AWeber Communications, Inc. All rights reserved.