The hacker, who called himself Fdf, used a SQL injection attack to access the database while the Barracuda Web Application Firewall had been taken offline for maintenance. Michael Perone, Barracuda's executive vice president, says:
The good news is the information compromised was essentially just names and email addresses, and no financial information is even stored in those databases.
Barracuda is just the latest in a string of security firms to be breached this year. RSA's SecurID authentication tokens were put at risk following an "extremely sophisticated cyber attack." And Iranian hackers are believed to be behind a security breach of Comodo, a firm that issues Secure Socket Layer (SSL) certificates.