Home News Data Breach Occurred due to Series of Missteps: Imperva

Data Breach Occurred due to Series of Missteps: Imperva

Imperva Data Breach

The data breach that recently affected customers of Imperva’s Cloud Web Application Firewall (WAF) occurred due to errors that happened while the company was migrating to a cloud-based database service, Imperva’s Chief Technology Officer, Kunal Anand, recently disclosed.

According to Anand, Imperva started migrating to the AWS Relational Database Service (RDS) in 2017. And a series of mistakes during this process allowed an unauthorized party to steal an administrative API key for one of Imperva’s product Incapsula, the firm’s cloud Web Application Firewall (WAF).

Anand stated that after the investigation with its internal security teams and outside forensics specialists, it identified that unauthorized use of an administrative API key in one of the company’s AWS accounts in October 2018, led to an exposure of a database snapshot containing emails and hashed passwords.

“I’ll start by going back to 2017 when our Cloud WAF, previously known as Incapsula, was under a significant load from onboarding new customers and meeting their critical demands. That year, our product development team began the process of adopting cloud technologies and migrated to AWS Relational Database Service (RDS) to scale our user database,” Anand said in a statement.

In August 2019, Imperva notified its customers about the data breach that affected a subset of its Cloud WAF. “We learned from a third-party of a data exposure that impacts a subset of customers of our Cloud WAF product who had accounts through September 15, 2017,” wrote Heli Erickson, director of analyst relations at Imperva. “We want to be very clear that this data exposure is limited to our Cloud WAF product.”

“While the situation remains under investigation, what we know today is that elements of our Incapsula customer database from 2017, including email addresses and hashed and salted passwords, and, for a subset of the Incapsula customers from 2017, API keys and customer-provided SSL certificates, were exposed,” Erickson added.


Subscribe Now to receive Free Newsletter

* indicates required

By submitting this form, you are consenting to receive marketing emails from: EC-Council, 101 C Sun Ave. NE, Albuquerque, NM, 87109, http://www.eccouncil.org. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact