Spammer pops Kidspot tots 'n' cots chatterhub

Users of tots-and-cots website Kidspot are getting weight-loss spam after the site was breached, and only belatedly let customers know what was going on.

Hackers in early May made off with a database containing personal information on mums and dads including names, email and postal addresses, and date of birth details for family members of subscribers. This was the basis of the spam campaign, sending recipients to a Hong Kong weight loss site.

On May 15, the company put a statement about the breach on its site.

"An unauthorised user has accessed one of our databases containing some personal information that members have given us," the company said in a statement.

"We believe that the unauthorised user has copied the database and sent an email to people on it promoting weight loss products from a Hong Kong website.

"We promptly took steps to prevent further unauthorised access but we cannot prevent use of the unauthorised copy of the database. We have already brought this to the attention of the Office of the Australian Information Commissioner."

The emails were not thought to contain malicious payloads.

Users were advised to change passwords on other sites where their personal information was used in passwords. Breached information did not include financial data.

The company warned users to be cautious of emails from unknown sources.

Kidspot's original e-mail to users, which was posted to Twitter, is shown below. ®