|
Thread Index [isp-investor] Re: List Sick?
How is this different from a spammer subscribing to the lists and harvesting the email addys of those that post to the list, or going through the archives for addys? Jeff ----- Original Message ----- From: "Rob Johansen" <rj@...> To: <isp-investor@isp-investor.com> Sent: Friday, September 20, 2002 11:30 AM Subject: [isp-investor] Re: List Sick? > This was on the CEO list today. > > > > > SparkList Says Files Were Source > Of Spam for Clients' Subscribers > By STACY FORSTER > THE WALL STREET JOURNAL ONLINE > > http://online.wsj.com/article/0,,SB1032271811115740715,00.html?mod=dartTecht > oday > > > After a week of finger pointing by angry clients, SparkList.com disclosed > that customer e-mail addresses housed in its databases had been stolen, and > that some of its clients' customers were subjected to a barrage of spam. > > In a letter to its clients Tuesday, SparkList, which manages and hosts > e-mail subscription lists, said an internal investigation into complaints > about spam had turned up evidence that the lists were misappropriated > sometime in March 2002. > > SparkList, which was acquired by Lyris Technologies Inc., Berkeley, Calif., > in August, said the theft of addresses was likely an inside job and is > focusing on former employees. SparkList said the incident appears to be > isolated to a small section of the company's database of 50 million e-mail > addresses, and that spam they are receiving is coming from a known spammer. > > "This incident does not appear to be a technical, widespread compromise of > SparkList servers, due to the fact that most lists were not compromised," > said Steven Brown, chief operating officer of SparkList, in the letter to > its clients. > > SparkList, based in Green Bay, Wis., also outlined a number of security > upgrades for its network and servers and says the breach was limited. > > The problem was first discovered by a handful of newsletter subscribers, who > try to track the spam they receive by subscribing to Internet publications > using unique e-mail addresses designed to identify each subscription. For > example, a subscriber to a Wall Street Journal Online list might use > "jdoe-wsjonline@... By doing so, when spam is sent to a particular > account, the subscriber will know immediately how the spammer had gotten > hold of the e-mail address. > > Until Tuesday's letter, SparkList conceded that five clients had complained > about a problem, but hadn't ruled out other possibilities for the > misappropriation of the e-mail addresses. > > Mr. Brown declined to comment beyond the memo, citing the current probe. He > also declined to say how many clients were affected, or how many e-mail > addresses were exposed. > > As a result of the investigation, SparkList said it will now focus on > investigating former employees' access to the company's e-mail lists, as it > is unlikely that an outsider would have limited the breach to such a small > subset of the entire database. Companies targeted were in the marketing > industry, said Laura Atkins, chief executive officer of Word to the Wise, a > San Carlos, Calif., consulting firm conducting the investigation. > > SparkList's clients praised the company for taking responsibility for the > breach, but were surprised that the new security measures the company said > it would undertake weren't already in place. > > "It's like a mechanic saying they're going to put all the bolts on your > radiator. They should already be there," said Alexis Gutzman, technology > editor for MarketingSherpa.com. The Washington-based publication saw its > lists compromised and went public with the problem in a newsletter. > > Ms. Atkins also said SparkList may not be alone. She says there is evidence > showing that e-mail addresses managed by a competing e-mail hosting service, > New York-based PostmasterDirect, are receiving the same spam. > > "My feeling is this is a bigger issue than Lyris or SparkList," she said. > > Michael Mayor, president and chief operating officer of PostmasterDirect, > said his company had received a limited number of complaints and is doing > all it can to trace the source of the spam. "There are a lot of ways those > e-mail addresses could have been spammed, but we're investigating all of > them," he said. > > For SparkList's clients -- many of whom advise their own customers on how to > use e-mail for marketing purposes -- the incident is a reminder that no > matter how careful a user is, no e-mail account is spam-proof. > > Earlier this year, for instance, technology consultant Ian Leicht set up his > own unique e-mail addresses for various job-search newsletter subscriptions, > and they were spam-free until several weeks. But last month an e-mail > address he created for a newsletter generated by SparkList client > GasPedal -- a New York consulting firm that advises clients on e-mail > marketing -- suddenly started receiving spam advertising pornography. > > Andy Sernovitz, president of GasPedal and former director of the Association > for Interactive Marketing, said when his customers receive spam that is > linked to an address given to his Web site, it reflects poorly on his > ability to advise clients about effective e-mail marketing. "I make my > living advising companies on how to do e-mail legitimately, and they get > porn with my company's name on it?" he said. "It undercuts my legitimacy." > > For consumers, the breach just means more spam in already-overflowing > e-mailboxes. Once the Pandora's box is opened and an e-mail address has > reached the public domain, it's nearly impossible to put the lid back on. > > "If [spammers] get that address and it's compromised, there's no way to > correct it and stop it," said Graham Dickson, president and chief executive > of Emailias.com, an e-mail alias service, and a GasPedal subscriber now > receiving spam because of the purloined lists. "There's no way to get it > back." > > Write to Stacy Forster at stacy.forster@... > > Updated September 18, 2002 7:01 p.m. EDT > > > > ----- Original Message ----- > From: "Gary Carr" <gc_list@...> > To: <isp-investor@isp-investor.com> > Sent: Friday, September 20, 2002 12:40 PM > Subject: [isp-investor] Re: List Sick? > > > > All of the spark lists have been flaky at best. The isp-equipment goes > days > > at a time with no messages. > > > > > > > > Gary > > > > > > > Obviously this is an off list topic, > > > curious to know - > > > Is everyone getting this response when submitting to the list? > > > I missed several days of posts - seemingly no posts at all. > > > Upon submitting, yesterday & today, received daemon msgs. > > > > > > BTW - If multiple posts occurred, apologies ... > > > > > > Mike > > > > > > -----Original Message----- > > > From: MAILER-DAEMON@..."mailto:MAILER-DAEMON@...">mailto:MAILER-DAEMON@...> > > Sent: Friday, September 20, 2002 12:12 PM > > > Subject: Mail Message could not be delivered to > > > [freelove4u@...] > > > > > > > > > Reason was -- Cannot deliver to addresses [freelove4u@...]. > > > > > > Returning to sender > > > > > > > > > > > > > > > > > > > > > > >
Thread Index |
|
