There are two very distinct issues that occurred starting around 5 May.
The first was a compromised webmail server that had its code changed (one out of eight PN claim). This would try to download and install a trojan to the customer's PC when he/she logged in using only that particular server for normal webmail. If your machines had all the updates for windows and/or an anti-virus you are probably safe. It would be a good idea to run a new antivirus scan and update of Windows to be sure. If the trojan was successful in installing itself it could have compromised your username and password being used not only for accessing your email but any other logins that you might have performed elsewhere on the internet. Even if the trojan wasn't installed, there is a possibility that the hackers were snooping and thereby got access to your username and password but only if you use the webmail feature. Changing the password is therefore a good idea. If you don't use webmail to access your email (or you didn't do this between 5-11 May) the problem shouldn't affect you at all. An email is being sent to those PN have identified using the service. It goes without saying that those that didn't will not be getting this email.
Secondly, and in addition to that, when the hackers managed to compromise PN's servers to change the code to download the trojan, they also managed to steal email addresses from their database. This includes those that have used the webmail feature, the people in your address book and people you have sent an email to using webmail. Those emails addresses have been compromised and there is nothing you can do to salvage the issue. A separate email will be sent to everyone about this.
Edited by rsharma (Wed 16-May-07 12:31:17)