Imperva Customer Database Exposed
A subset of customers for the company's Incapsula web application firewall had their email addresses, hashed/salted passwords, and more open to unauthorized access, Imperva announced.
Imperva has announced that the cloud web application firewall product formerly called Incapsula suffered a data exposure that allowed unauthorized access to customer data. The company said that a third party informed it on August 20 of the exposure, which affets customers who had Incapsula accounts through September 15, 2017.
According to the notice posted on the CEO's blog, a subset of Incapsula customers had email addresses, hashed and salted passwords, API keys, and customer-provided SSL certificates exposed. The blog post notes that the company is taking a variety of actions addressing the exposure, from engaging forensics experts and informing affected customers to forcing password rotations.
For more, read here.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "'Culture Eats Policy for Breakfast': Rethinking Security Awareness Training."
About the Author
You May Also Like