Following last week’s reports of a significant uptick in spoofed spam from AOL email addresses, AOL admitted in a blog post Monday that it suffered a significant security breach. According to the AOL mail team, someone gained unauthorized access to information from 2 percent of AOL email accounts: “AOL’s investigation is still underway, however, we have determined that there was unauthorized access to information regarding a significant number of user accounts. This information included AOL users’ email addresses, postal addresses, address book contact information, encrypted passwords and encrypted answers to security questions that we ask when a user resets his or her password, as well as certain employee information.” As noted by Brian Alvey, although the spam emails coming from AOL email addresses were spoofed, the bigger question is where the spammers got the contact details.