UPDATE: Just after we posted the story below, New York Times reporters confirmed that the e-mail was from the paper, and that it was mistakenly sent to more than 8 million people instead of only 300 as intended. Previously, the Times said the message was spam and denied sending it.

Original story: The New York Times has some confused customers on its hands after spammers apparently took control of the newspaper's e-mail marketing list on Wednesday, asking former subscribers to call the Times to reinstate their subscriptions with an "exclusive" 50 percent discount.

The e-mail looks legitimate, and contains the message: "Dear Home Delivery Subscriber, Our records indicate that you recently requested to cancel your home delivery subscription. We do hope you’ll reconsider. To continue your subscription call 1-877-698-0025 and mention code 38H9H." It was clear to many people that it was either a hoax or a mistake, given that recipients included many who were never subscribers and people who subscribe but haven't canceled. Trying to call the number mentioned in the e-mail currently results in a busy signal. The Times' publicly listed customer service number is also giving out busy signals as of publication, possibly indicating the paper's phone system is overwhelmed by calls.

The New York Times confirmed the spam e-mail was a fake, saying in a tweet that "If you received an email today about canceling your NYT subscription, ignore it. It's not from us." The problem may be that the e-mail marketing firm the Times contracts with was hacked, according to GigaOm.

GigaOm says the message was "apparently sent by bfi0.com, a mail server that’s registered to Epsilon Data Management, division of Alliance Data Systems that manages email marketing campaigns. It’s still early to tell, but it looks like Epsilon has been contracted by the NYT to do its email marketing campaigns, and that Epsilon’s security has been compromised." Similar incidents happened to Epsilon customers JP Morgan Chase, TiVo, and others earlier this year. (As we note in the update up top, in this case there was no hack of Epsilon. The Times now says the e-mail was mistakenly sent by a Times employee, not an employee of Epsilon.)