Barracuda Networks Details Security Breach

2 May 2011

Barracuda Networks website suffered a breach on April 8, 2011. It appears that all the crackers got were some people’s names and email addresses from a Marketing database used to send event announcements and such emails to opt-in customers.

On Tuesday, April 26, Oliver Wai, a Product Marketing Manager at Barracuda Networks posted a blog entry detailing how the SQL injection attack was conducted.

We need to see more companies step up like this and provide useful technical (and anecdotal) information about breaches of their data. It helps us all to be reminded to watch out for such things, but also to see it in action. All too many who are not up to their eyeballs in that, “security nonsense,” as I’ve heard some of them call it, don’t have the benefit of seeing what those of us in the know have seen, like this example which Barracuda Networks has so graciously shared.

I’m sure there are a number of people who will now be more interested in examining their Barracuda Web Application Firewall product.