Barracuda Networks Hit by SQL Injection Attack

By Kara Reeder | Apr 12, 2011 | Print this Page
http://www.enterprisenetworkingplanet.com/netsecur/barracuda-networks-hit-sql-injection-attack
According to PCWorld, a hacker has accessed a database belong to security vendor Barracuda Networks and obtained names and email addresses of some of the security company's employees, channel partners and sales leads.

The hacker, who called himself Fdf, used a SQL injection attack to access the database while the Barracuda Web Application Firewall had been taken offline for maintenance. Michael Perone, Barracuda's executive vice president, says:

The good news is the information compromised was essentially just names and email addresses, and no financial information is even stored in those databases.

Barracuda is just the latest in a string of security firms to be breached this year. RSA's SecurID authentication tokens were put at risk following an "extremely sophisticated cyber attack." And Iranian hackers are believed to be behind a security breach of Comodo, a firm that issues Secure Socket Layer (SSL) certificates.