Cyber-security and DDoS mitigation firm Imperva revealed a security incident that has exposed sensitive information of some of its customers. The breach affected the users of its cloud Web Application Firewall (WAF), formerly known as Incapsula.
According to a message posted on the company website, Imperva learned from a third party of a data exposure that affects a subset of customers of its Cloud WAF product who had accounts through September 15, 2017.
The exposed data includes customer email addresses and hashed and salted passwords. For some users, API keys and customer-provided SSL certificates were also exposed.
Imperva assured that the security incident affected only its cloud WAF users, and not any other product.
As a result of the breach, the company started to notify its impacted customers and urged users to change the passwords for their cloud WAF accounts.
The company also apologized to its customers and has involved forensics experts to help with the investigation. It also informed the relevant global regulatory agencies of the breach.
A spokesperson at Imperva stated that the investigation process is going on and further details are not available as of now.
Imperva acquired Incapsula and its suite of products, including the cloud WAF, in February 2014. Later, investment firm Thoma Bravo acquired Imperva in February 2019 for $2.1 billion.
All Cloud WAF users are advised to change their account passwords, implement Single Sign-On (SSO), enable two-factor authentication (2FA), generate and upload a new SSL certificate, and reset their API keys.