Security company Barracuda Networks was itself hit by a security breach over the weekend that exposed certain information from its databases. An unknown hacker, who apparently took credit for the break-in, launched an attack that exposed a list of Barracuda databases along with the names, phone numbers, and e-mail address of various Barracuda partners.
The attack also uncovered the e-mail addresses of different Barracuda employees along with their passwords. Though the passwords were encrypted, they were done so using a hashing algorithm called MD5, which is considered by many to be a flawed and outdated encryption method.
The attacker grabbed the information using an SQL injection script, which can exploit security holes in a database to retrieve or modify data.
The link for this article located at CNET is no longer available.
