We've had a bit of spam on the contact form protected by reCAPTCHA. The sequence of events:

Friday, February 26, 2010 - 09:25 (Timestamp from DB: 1267176321)
contact_mail_page post blocked by CAPTCHA module: challenge "reCAPTCHA" (by module "recaptcha"), user answered "reCAPTCHA", but the solution was "1".
Hostname 122.163.87.59

Friday, February 26, 2010 - 09:26 (Timestamp from DB: 1267176377)
Felicia Sams [seo.sales.traffic@gmail.com] sent an e-mail regarding [Subject line].
Hostname 122.163.87.59

Friday, February 26, 2010 - 09:26 (Timestamp from DB: 1267176379)
CAPTCHA validation error: unknown CAPTCHA session ID ('6336').
Hostname 122.163.87.59

In the CAPTCHA sessions table:
csid  uid  ip_address     timestamp   form_id            solution   status  attempts
6329  0    122.163.87.59  1267176126  contact_mail_page  1          0       1
6336  0    122.163.87.59  1267176321  contact_mail_page  1          1       1
6340  0    122.163.87.59  1267176377  contact_mail_page  undefined  0       0
6341  0    122.163.87.59  1267176380  contact_mail_page  1          0       0

In the session table:
uid  hostname       timestamp   cache  session
0    122.163.87.59  1267176380  0      masquerading|N;captcha_success_form_ids|a:1:{s:17:"contact_mail_page";s:17:"contact_mail_page";}

I'm wondering if the bot is somehow throwing an error on the CAPTCHA or reCAPTCHA module that is allowing them to get through? Any ideas?
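
Added example, not part of the original post and not code from the CAPTCHA or reCAPTCHA modules: a Python script that correlates the three log entries above and flags any sent e-mail that has a CAPTCHA failure from the same hostname close to it in time. The function names, the 120-second window and the last (control) row are assumptions made for illustration.

```python
import re
from collections import defaultdict

# (unix timestamp, hostname, log message); the first three rows are transcribed from the post.
EVENTS = [
    (1267176321, "122.163.87.59", 'contact_mail_page post blocked by CAPTCHA module: challenge "reCAPTCHA" (by module "recaptcha"), user answered "reCAPTCHA", but the solution was "1".'),
    (1267176377, "122.163.87.59", "Felicia Sams [seo.sales.traffic@gmail.com] sent an e-mail regarding [Subject line]."),
    (1267176379, "122.163.87.59", "CAPTCHA validation error: unknown CAPTCHA session ID ('6336')."),
    # Constructed control row: an ordinary send with no CAPTCHA failure near it.
    (1267180000, "192.0.2.10", "Jane Doe [jane@example.org] sent an e-mail regarding [Hello]."),
]

BLOCKED = re.compile(r"post blocked by CAPTCHA module")
SENT = re.compile(r"sent an e-mail regarding")
UNKNOWN_CSID = re.compile(r"unknown CAPTCHA session ID \('(\d+)'\)")

def classify(message):
    """Map a log message to an event kind, or None if it is unrelated."""
    if BLOCKED.search(message):
        return "blocked"
    if SENT.search(message):
        return "sent"
    if UNKNOWN_CSID.search(message):
        return "unknown_csid"
    return None

def suspicious_sends(events, window=120):
    """One finding per sent e-mail with a CAPTCHA failure (blocked post or
    unknown session ID) from the same hostname within `window` seconds."""
    by_host = defaultdict(list)
    for ts, host, msg in events:
        kind = classify(msg)
        if kind:
            by_host[host].append((ts, kind, msg))
    findings = []
    for host, rows in by_host.items():
        for ts, kind, _ in rows:
            if kind != "sent":
                continue
            nearby = [(k, m) for t, k, m in rows if k != "sent" and abs(t - ts) <= window]
            if nearby:
                csids = sorted({UNKNOWN_CSID.search(m).group(1) for k, m in nearby if k == "unknown_csid"})
                findings.append({"host": host, "sent_at": ts,
                                 "failures": sorted(k for k, _ in nearby), "unknown_csids": csids})
    return findings

if __name__ == "__main__":
    for finding in suspicious_sends(EVENTS):
        print(finding)
```

The session IDs it reports (here 6336) can then be looked up in the CAPTCHA sessions table to compare their status and attempts columns with what the log claims.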

Comments

szb100

Also just noticed:
contact_mail_page post blocked by CAPTCHA module: challenge "reCAPTCHA" (by module "recaptcha"), user answered "reCAPTCHA", but the solution was "1"

Well, the solution is clearly not "1". Probably a complete red herring, but wanted to throw that in there as well...

cangeceiro

I can confirm this. Recently our site has been obliterated by spammers, and a look in my logs shows a huge string of these invalid session ID errors.

hass

Status: Active » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.