[SLSMan]

I had this happen to me a few years ago. The point of the newsletter spam was to try to hide a confirmation e-mail from online order using my account on an online store. The attacker gained access to the my account at the store using a password from an old data breach. They signed up for hundreds of newsletters in the span of a few minutes, then placed an order using the stolen credentials. The confirmation e-mail was buried in a mountain of spam, making it almost impossible to discover that the attacker had placed an order using my account. Fortunately, I hadn’t used that store in ages, so all of the billing info they had on file was out of date and the order was cancelled automatically. Try searching your email for “order” or something similar and see if anything came in during the newsletter bomb.

[cupofjoakim]

Oh god, thanks for the tip. Luckily it seems no orders have gone through yet, but I'll keep an extra eye out. My password manager has breach monitoring and I haven't seen my mail be in any leaks since I last updated my pw, so hopefully this won't happen. Still changed my pw at all the top vendors though :)