Imperva Details Response to Customer Database Exposure
October 11 2019Imperva today released details about an October 2018 intrusion into a database containing records on customers of its cloud Web application firewall (WAF), formerly known as Incapsula. According to a blog post from CEO Chris Hylen, a database snapshot created for testing met an internal compute instance with outside access. When the compute instance’s Amazon Web Services API key was compromised, a malicious actor was able to copy the database.
Within the blog post, CTO Kunal Anand noted that emails and hashed and salted passwords for a subset of WAF customers were exposed. The incident was discovered by a third party and then verified by Imperva, which announced the attack Aug. 27, 2019.
A number of new protection steps have since been taken, Hylen said, including decommissioning inactive compute instances, rotating credentials, strengthening credential management processes, and putting all internal compute instances behind a VPN by default.
The blog post also offers recommendations to Imperva customers, including changing cloud WAF passwords, enabling two-factor authentication, and resetting API keys.
Read more here.
This free, all-day online conference offers a look at the latest tools, strategies, and best practices for protecting your organization’s most sensitive data. Click for more information and, to register, here.
Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
Imperva Details Response to Customer Database Exposure
October 11 2019Imperva today released details about an October 2018 intrusion into a database containing records on customers of its cloud Web application firewall (WAF), formerly known as Incapsula. According to a blog post from CEO Chris Hylen, a database snapshot created for testing met an internal compute instance with outside access. When the compute instance’s Amazon Web Services API key was compromised, a malicious actor was able to copy the database.
Within the blog post, CTO Kunal Anand noted that emails and hashed and salted passwords for a subset of WAF customers were exposed. The incident was discovered by a third party and then verified by Imperva, which announced the attack Aug. 27, 2019.
A number of new protection steps have since been taken, Hylen said, including decommissioning inactive compute instances, rotating credentials, strengthening credential management processes, and putting all internal compute instances behind a VPN by default.
The blog post also offers recommendations to Imperva customers, including changing cloud WAF passwords, enabling two-factor authentication, and resetting API keys.
Read more here.
This free, all-day online conference offers a look at the latest tools, strategies, and best practices for protecting your organization’s most sensitive data. Click for more information and, to register, here.
Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
