Campaign Monitor, arguably the only email marketing tool worth using, was compromised by hackers. From the team’s post:

This is horrible news to have to release, but unfortunately Campaign Monitor has been attacked by one or more hackers, and some of your accounts have been compromised. This has been a deliberate, planned and complex intrusion and we are still in the process of handling the hacks and the impact.

In several cases, the hacker imported their own lists, and managed to send spam to those lists and in some cases the lists already in the account.

Whenever anyone talks about the dangers of cloud services, this is exactly the scenario that plays out in their mind. You trust your data to some third party, and that third party, through no fault of yours, is compromised.

Worse, Campaign Monitor was a shell service: something numerous agencies resold to their clients, unbranded and often masked. More than one designer will wake up to the news that they’ll have to call a client who trusted them, and explain how a service the client may never have realized was responsible for their information is now at fault for damaging their relationships with their customers. I watch my inbox with a certain dread that I’ll be next.

In terms of response, Campaign Monitor couldn’t have handled it better. An honest, “something terrible happened” post, emails directly to the customer’s affected and to every customer, no matter whether their data was touched. A warning; We’re vulnerable. We’re sorry. We’re trying.

Of course, apologies aren’t necessary if you never make mistake.

And while we’re living in fantasy world, I demand Campaign Monitor send me a unicorn.