Security firm Imperva revealed it has suffered a data breach that affecting some customers of its Cloud Web Application Firewall (WAF) product.
Imperva CEO Chris Hylen revealed that the company learned about the incident on August 20, 2019, when it was informed about the data exposure impacting Cloud Web Application Firewall (WAF) product.
“We want to be very clear that this data exposure is limited
- On August 20, 2019, we learned from a third party of a data exposure that impacts a subset of customers of our Cloud WAF product who had accounts through September 15, 2017.
- Elements of our Incapsula customer database through September 15, 2017 were exposed. These included:
email addresseshashed and salted passwords“
Laked data included email addresses and hashed and salted passwords for all Cloud WAF customers who registered before 15th September 2017.
The company informed global regulatory agencies and launched an investigation of the security breach with the help of outside forensic experts.
“We activated our internal data security response team and protocol, and continue to investigate with the full capacity of our resources how this exposure occurred,” continues the CEO. “We have informed the appropriate global regulatory agencies. We have engaged outside forensic experts.”
Imperva did not share details
“We profoundly regret that this incident occurred and will continue to share updates going forward. In addition, we will share learnings and new best practices that may come from our investigation and enhanced security measures with the broader industry,” the company concludes.
The company urges Cloud WAF users to change their passwords, implement Single Sign-On (SSO), enable
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – Imperva, data breach)
[adrotate banner=”5″]
[adrotate banner=”13″]
Share On
