Imperva CEO Chris Hylen revealed that the company learned about the incident on August 20, 2019, when it was informed about the data exposure impacting Cloud Web Application Firewall (WAF) product.
“We want to be very clear that this data exposure is limited
Laked data included email addresses and hashed and salted passwords for all Cloud WAF customers who registered before 15th September 2017.
The company informed global regulatory agencies and launched an investigation of the security breach with the help of outside forensic experts.
“We activated our internal data security response team and protocol, and continue to investigate with the full capacity of our resources how this exposure occurred,” continues the CEO. “We have informed the appropriate global regulatory agencies. We have engaged outside forensic experts.”
Imperva did not share details
“We profoundly regret that this incident occurred and will continue to share updates going forward. In addition, we will share learnings and new best practices that may come from our investigation and enhanced security measures with the broader industry,” the company concludes.
The company urges Cloud WAF users to change their passwords, implement Single Sign-On (SSO), enable
(SecurityAffairs – Imperva, data breach)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.