Havn't blogged in a while, but this one has me very motivated.
Solarwinds are a relatively well known IT Management & Monitoring Software company.
Amongst their commercial product suite(s) are free tools that they make available to people who simply have to provide their personal information (name, email address, some other information) so that they can collect information about who's using the tools. Supposedly.
I have personally used their TFTP Server and their Advanced Subnet Calculator at various stages over the last 7 years or so and been fairly happy with them; despite being bannerware they actually do what they advertise and the Subnet Calculator has been very helpful as recently as in the last 12 months. (I run Linux almost exclusively these days, but still flitter in Windows and when i'm there, these tools still feature).
Unfortunately for Solarwinds, they've ever compromised their standards and disclosed their user information publically, or... they've been compromised, and had their user information disclosed publically.
On 6 December 2012 I received a spam email to an address i'd only ever given to Solarwinds.com.
Noting this I engaged with Solarwinds via Twitter, who, to their credit, were prompt in responding and I forwarded a full-headers version to them at their request.
Unfortunately there's been nothing further from them, and today I received yet more Spam. Similar enough I believe it to be from the same crowd.
A quick look on their Facebook page shows i'm not the only one now receiving unsolicited email to an email address that was exclusively given to Solarwinds.com only. Noone else.
So it's time to put it 'out there'. Did you receive the above? To an address disclosed to solarwinds.com ? Surely a company such as Solarwinds must realise how scandalous this sort of thing can be - or is?