When I got the email to took a quick look at the full headers. The mail appeared to have been routed through constant contact. That jives with their note that their marketing partner was the origin of the emails. If I had to guess, my guess would be that the bad guys gained access to the constant contact login credentials used by OC's.^^
Over the years I would guess that I have made 50+ purchases from O'Connell's and quite a few of said purchases involved emails and/or phone calls. I'm sure that when O'Connell's data base was hacked that our respective email addresses were gained from that source. Just an opinion!