Noticed sudden spike in site usage. Logs revealed *many* hits to contact form page. Went to control panel to check on this plugin (contact form iii), was denied access due to insufficient security.
One day later, usage back to normal.
Not scientific, not conclusive, but it seems fairly obvious to me that someone has hacked this plugin. Shame, too. Used it for some time and was quite happy with it.
Edit: added '?' to topic since I cannot positively make the statement.