Cybersecurity company Imperva today disclosed a security incident that led to data exposure affecting a subset of customers of its cloud web application firewall (WAF) product, formerly known as Incapsula.
Imperva’s Cloud WAF is a managed service designed to protect cloud services against “known and unknown threats including all OWASP top 10 threats and zero-day threats.”
The data exposure incident is limited to the Cloud WAF product, as President and CEO Chris Hylen stated in today’s blog post.
The security breach was identified as affecting only a subset of Cloud WAF (Incapsula) customers, after a third party reported data exposure affecting certain Cloud WAF customers with data up to September 15, 2017.
Hylen also revealed that “customer database elements” up to September 15, 2017 were exposed, including e-mail addresses and hashed and salted passwords.
API keys and customer-supplied SSL certificates belonging to some Incapsula customers, again for data up to September 15, 2017, were also exposed to third-party access.
“We continue to investigate this incident around the clock and have stood up a global, cross-functional team,” adds Hylen.
Forensics experts engaged in the investigation
After discovering the security incident affecting some of its Cloud WAF (Incapsula) customers, Imperva took the following measures:
• We activated our internal data security response team and protocol, and continue to investigate with the full capacity of our resources how this exposure occurred.
• We have informed the appropriate global regulatory agencies.
• We have engaged outside forensics experts.
• We implemented forced password rotations and 90-day expirations in our Cloud WAF product.
• We are informing all impacted customers directly and sharing the steps we are taking to safeguard their accounts and data, and additional actions they can take themselves.
Imperva also recommends the following measures to all of its customers “as a matter of good practice”:
- Change user account passwords for Cloud WAF (https://my.incapsula.com)
- Implement Single Sign-On (SSO)
- Enable two-factor authentication
- Generate and upload a new SSL certificate
- Reset API keys
Imperva’s CEO did not provide further details on what other information was disclosed or lost in the breach, or on which third parties, if any, may have accessed the exposed data.
We contacted Imperva for more information about this security incident but had not heard back at the time of publishing. This article will be updated if a reply is received.
Credit: BleepingComputer