Breach At Cybersecurity Firm Imperva Exposes User Data

California-based Imperva, a principal cybersecurity provider that works to prevent website breaches, has said it was hacked, The Next Web reported on Wednesday (Aug. 28).

The popular security vendor said its cloud-based firewall product exposed user data online, including email addresses, passwords, API keys and SSL certificates. The hack affects customers using the Cloud Web Application Firewall (WAF) product.

Formerly known as Incapsula, the Cloud WAF analyzes requests coming into applications, and flags or blocks suspicious and malicious activity.

The hackers could possibly intercept and divert a client’s web traffic, according to the report. The company is instructing customers to change passwords, and has also now instituted a 90-day password expiration policy.

Imperva hasn’t said when the leak took place nor has it shared any information as to how the breach happened. It’s also not clear if the exposed data was accessed by other third parties. The company said it is working with forensics experts.

Imperva said in a blog post on its website that it learned about the exposure via a third party on Aug. 20. The affected customer database, however, contained old Incapsula records that only go up to Sept. 15, 2017.

“We profoundly regret that this incident occurred and will continue to share updates going forward,” Imperva said in its blog post. “In addition, we will share learnings and new best practices that may come from our investigation and enhanced security measures with the broader industry. Imperva will not let up on our efforts to provide the very best tools and services to keep our customers and their customers safe.

The company also said, “We continue to investigate this incident around the clock and have stood up a global, cross-functional team.”

Private equity firm Thoma Bravo bought Imperva earlier this year for $2.1 billion, extending its portfolio to DigiCert, Imprivata, Barracuda Networks, LogRhythm, McAfee and Veracode.