Originally Posted by Zoomer via CGP

So far I have confirmations from people that do not have their email attached to clubGP who have recieved this spam.

I have also received confirmations from people who have never bought from ZZP or had their email attached to ZZP or the other sites who received the spam.

We're still working on the issue and haven't noticed anything strange log ins, changes to anything on the site, coupon codes added or changed, etc.

We have two separate comanies with teams pouring over our code. Neither has found any holes and the software. While based on OScommerce, our site is so highly modified from the orignal code, that the developer was offended when it was called OScommerce. Being this custom, it would be very difficult to hack into our site based on a hole in the code. We're still looking none-the-less. Even not finding anything, we are adding encription to coupon codes, customer data, and putting SSL? on the admin side. Should take effect shortly.

We have been in contact with helidirect and their software developer. They claim that their code is good. Their code and their site are totally different from ours. They also host with a completely different company. They did find the breach though and it relates to their server. For security reasons, I don't want to go into it further until they have completed the patches. We checked our site and server and we did not have the exploits affecting them.

No info from zipzoomfly, but I'm guessing that was added for email legitimacy.

On our site we are leaning towards a brute force attack stealing our admin password which would give them access to the site. He couldn't change code or get in super deep but he could get email addresses, change coupons, look up people'* order history and edit products. The only thing we ever noticed was that one coupon code and nothing more. Since changing our password, we haven't had issues. As a further step we will probably be changing hosts just in case. I'll post more info as I get it.