Security breach in Imperva

27/08/2019

Imperva, provider of cybersecurity services, has suffered a security incident allowing an exposure of information that has affected its product Cloud Web Application Firewall (WAF), formerly known as Incapsula.

Chris Hylen, CEO of the company, explains in an official statement that among the data exposed by customers are email addresses, passwords, API keys and SSL certificates provided by the customer.

The company has initiated investigation of the incident, informing affected customers, and recommends taking a serie of measures, such as changing account passwords, implementing Single Sign-On, enabling dual-factor authentication, resetting API keys, and generating and uploading a new SSL certificate.

[Update 16/10/2019] Kunal Anand, the company's CTO (Chief Technology Officer), has updated Imperva's official statement, providing more details on the security breach suffered. According to the new data, the company identified the origin of the breach to a key API of Amazon Web Services (AWS), which a cyberattacker stole from an internal system accessible from the Internet and without any protection. Imperva has improved its security, placing all its internal instances behind a VPN (Virtual Private Network).

References

27/08/2019

imperva.com

[Actualización 16/10/2019] Imperva Security Update
27/08/2019

thehackernews.com

Imperva Breach Exposes WAF Customers' Data, Including SSL Certs, API Keys
27/08/2019

zdnet.com

Imperva discloses security incident impacting cloud firewall users
27/08/2019

seguridadyfirewall.cl

Brecha en Cloud WAF de imperva, expone claves api y certificados SSL de algunos clientes
10/10/2019

zdnet.com

[Actualización 16/10/2019] Imperva blames data breach on stolen AWS API key

Etiquetas