PlusNet may well know where the leak came from but because it's a 3rd party company they're not at liberty to say until said party OKs it. Legal matters may well play a part in this too.
All very much guess work though but it does make some sense.

Well I and others have mentioned some time ago that
1) investigating this type of thing can often take a long time
2) PN approaching 3rd parties is a potential legal matter and not just a quick "key mate" phone call
3) Where PN management are currently failing is in keeping affected members updated.  In the absence of status reports and/or  a "we are no longer investigating" statement then of course for as long as this continues people will get more upset and agitated.

I think maybe those who are still dissatisfied should do what the ICO representative said instead of moaning here:
"If a person still believes that the company has failed to look after their information then they should raise their concerns with Plusnet in the first instance. If they are not satisfied with the company’s response then they can raise the issue with our office providing any supporting evidence that they have, including details of the company’s response."
This is the correct and perfectly legitimate thing to do instead of blowing off steam here.  Remember there are a few PN good frontline/techie employees here who have been dealt a bad hand with this issue and are doing/have done the best they can within PN management parameters.  So these good poor individuals will be distressed and upset every time they visit here and continue to see dissatisfaction and anger.

So hit the senior PN Management and the ICO with your complaints!   

Still nothing since I unsubscribed both affected email addresses two weeks ago.

As with Kev, I'm now at over 2 weeks since unsubscribing: So far so good.
Having logged in every two or three of days in the last couple of weeks to check on the thread, I'm disappointed that there hasn't been an update posted today.
I would like to see a weekly update at least, just to say, "nothing further to report: We're continuing to follow up with [relevant person or company, etc.]." Or genuinely, "No, we're taking no responsibility despite all the blindingly obvious evidence we've been presented with."
I think that would only be polite given that the situation is that we trusted Plus Net with an email address, and their actions have resulted in those email addresses being used outside of their control.
Given that it's now 16 days since Chris Parr's official response, stating that

Quote

Our investigation is reaching an end now, which means it's unlikely that we'll be able to add much further beyond what's written above and what we have communicated to you previously.

http://community.plus.net/forum/index.php/topic,133959.msg1182640.html#msg1182640
I am taking that as the final word, and therefore, for those that haven't yet done so, report Plus Net here:
https://ico.org.uk/concerns/handling/
It's a painful process involving a PDF that you have to fill in, save and email:
Plus Net, The Balance, 2 Pinfold Street, Sheffield, S1 2GU
Business Support 0800 028 0282
Residential Support 0800 432 0200
Email address: May as well use: pressroom@plus.net given that Plus Net are breaking the EU laws on having an email address in plain text available on their website. So yeah, by all means protect yourself from spam, but screw your customers' data, just hand that out to any old random company.

Well, I'm late to the party, but finally my first spam mail.
From:  Amanda Clemons [Jerald.a53e@ticu.edu.tr]
Subject:  INVOICE ADVISE
Attachment: INV_8769OB.doc
Good morning
Happy New Year
Please could you advise on the the  November GBP invoice in the attachment for me?
Many thanks
Kind Regards
Amanda Clemons
Controller
BELVOIR LETTINGS PLC
Email secured by Check Point

To clarify, this was sent to PN email address (username@username.force9.co.uk) which has only ever been used for billing correspondence with Plusnet, and before that, Force 9.  
The mail account does receive and send mail, but through my domain hosting mail account.  All the mails I receive to this mail box have been sent to dave.brown@mydomain.  Except for billing reminders from PN, and ticket updates.
Up until today only one company knew of (and used) my force9 mail address...and that was Plusnet.  It has never been sent anywhere else.  And anyway if it had, it would have been over five years ago.  What are the chances that it has finally ended up on a spam list at the same time as other PN account addresses?

Quote from: Townman

...If the emails are being sent to a specific address used for PlusNET billing only, then the answer is to change your account's contact email address and redirect the old address to the black hole...

I have a problem here. I've just gone to my Account control panel, and the email address listed as my contact isn't my PN one.  I recieve two emails of biling information each month, one to my contact address and one to my PN address.
The PN address is the one that has received the spam.  I assumed that would be the one in my Contact Details, but it isn't.  The one in my contact details is actually my work mail (because we have a powerful spam filter on our Exchange ports).  So spam may well be sent to that, but our filters will remove it.
So I can only change the email address that isn't a problem. I can't change the one that is.  Unless somebody knows different.

EDIT: Actually the plot thickens.  I've just realised that my Plusnet billing mails are actually being sent to postmaster@username.force9.co.uk, with a cc to my Contact mail address.  So even if the cause was an intercepted mail to my Contact mail address. it would have resulted in "postmaster" being the harvested mail address, not "username".
So it turns out that the mail address that I am now receiving spam on has never been used by anybody else. Even Plusnet themselves don't send mails to it!  It therefore could not have been a result of harvesting, but must have come directly from stolen account details.  Actualy let me amend that slightly.  It may not have come from stolen billing details, since the email that is receiving spam isn't listed on the billing section, but may have come from stolen contact details.

@lorisarvendu
If you were a customer in 2007 when plusnet were hacked, that'll be the source of the username@username.force9.co.uk address.

Hi kmilburn
Yes I was with PN in 2007 (I joined F9 in 2005).  So we have two scenarios here:

1.) PN were hacked in 2007 and it has taken 7 years for my stolen email address to get it's first spam email.
2) Several PN users have suddenly started getting spam on their PN email accounts.  I am a PN user.

Can I ask why you think the first scenario is the correct one? 

I see the odd email dropping into my equivalent accout (few and far between),  there's probably a lot more being sent to it but I have Plusnets spam filter turned on.
Plusnet were the only one to ever have that address as I'd never used that form of it anywhere else. So in my instance, it was definately the 2007 hack which got that address into the wild.

I've just started following up on the emails that I have been receiving for some time to my PlusNet-only email address. 
To add further evidence, yesterday I received emails from Ladbrokes, Windows Compare and Match.com.  Today I have received an email from Amazon Prime.
I joined PlusNet in October 2011.
I wish PlusNet would give an honest response to the concerns I feel, and expressed by others above.

I've not been receiving spam to my Plusnet billing address, but I have this week received a flurry of spam addressed to unique Plusnet addresses used for other sites (e.g. if sign up at abc.com I'll use abc@mydomain.plus.net).
Mail received addressed to:-
consumeractiongroup@mydomain.plus.com (unsurprising, they were hacked ages ago)
macupdate@mydomain.plus.com
paypal@mydomain.plus.com
partsgateway@mydomain.plus.com (received one other on 22nd Nov 2013)
imoc@mydomain.plus.com (received one other on 23rd April 2014)
Also to a separate domain name I have hosted with PlusNet (I can find no trace of ANY email ever going to the particular address used, but it may be in the hidden WHOIS details). Plusnet admins should be able to work out the email address (it's my first name @ the only .co.uk address I have hosted with PN).
All the recent spam appears to be in the format seen below:-
Received: from 105-237-214-174.access.mtnbusiness.co.za ([105.237.215.51])
From: "Claudia" <imocagf@mtnbusiness.co.za>
To: imoc@mydomain.plus.com
Reply-to: imocagf@mtnbusiness.co.za
Subject: In 1990, Saaroa was nearly extinct.
As a result, she stopped killing and took a passive role, waiting for Harvey to finish the job so they could settle down. Joe found this book in 1967 while he was somewhere in England. Koneswaram is the easternmost shrine of the 5 ancient Iswarams of Shiva on the island. Australian Open in 2005. He lives in West Yorkshire.
-------
Received: from 201-20-171-241.dynamic.fsonline.com.br ([201.20.171.241])
From: "Diann" <macupdateacub@fsonline.com.br>
To: macupdate@mydomain.plus.com
Reply-to: macupdateacub@fsonline.com.br
Subject: They believed that the increased demand would make a sharply reduced rate both affordable and collectible.
It carries more coal than any other railway line in China and the world. The overall impact of the song probably fell just below the top ten. This is the first episode of the series not to feature West. Ma Liang agreed and drew a golden mountain, but he also drew a big ocean around it. English professional football club founded by Wimbledon F.
-------
The HTML version of the email also contains a <title> header containing another random text passage.
Other mail servers (or possibly infected PCs) spam was received from are:-
Received: from [78.39.22.58] ([78.39.22.58])
Received: from static-190-240-143-218.une.net.co ([190.240.143.218])
Received: from wimax-cpe-189-208-28-31.gdljal.static.axtel.net ([189.208.28.31])
Received: from pc ([185.11.68.104])
The mails don't come through any intermediate gateways, they're delivered from the above straight to Plusnet's gateways. The one thing in common, of course, is that Plusnet is the only place where ALL of the addresses will be known (as mentioned above I can find no trace of any other email to the separate domain name).

Been having these sort of e-mails for over a couple of weeks now, prior to that was getting payment notices and all to anything@mydomain.co.uk

Still getting five or six of these things every day.
Still no response from Plusnet.  Would have thought they were much more professional than to just put their fingers in their ears saying "la la la, I can't hear you".
Come on Plusnet, 23 pages and over 350 postings on this thread -  I really think we're entitled to an official response.

Hey Boxman,
Are these still all the GamerSEO purchased, "news," domain name emails (with the same, "237 S Delsea Drive #302 Vineland, NJ 08360," address in the footer), or have our harvested addresses now moved out of the control of that particular operation?
The unsubscribe is still holding nicely for me, no attempted deliveries to the identifying address since the 15th of December, but I'm actually glad you are still receiving the emails, as it will hopefully show the pattern continuing in terms of the domain name ownership.
Are there any more sending domain names to add to the list we compiled in posts #276 and #278?
Link to #278, which has the list quoted and addition: http://community.plus.net/forum/index.php/topic,133959.msg1182350.html#msg1182350
James