It’s a firm that specializes in securing information. Now, Imperva is dealing with the horrific irony that they themselves got breached.
It could be a case of wounded pride among other things. Imperva offers a variety of security solutions to their customers. Generally, they are supposed to be the ones that thwart security threats. Now, they themselves are the victims of a data breach. From ZDNet:
Cyber-security and DDoS mitigation firm Imperva disclosed today a security incident that impacts customers of its cloud web application firewall (WAF), formerly known as Incapsula.
“On August 20, 2019, we learned from a third party of a data exposure that impacts a subset of customers of our Cloud WAF product who had accounts through September 15, 2017,” the company said in a message posted on its website.
Exposed data included customer email addresses, along with hashed and salted passwords, for a subset of customers the company had registered up until September 15, 2017. For a small number of users, API keys and customer-provided SSL certificates were also exposed.
Imperva said the security incident only affected customers of its cloud WAF, and not other products.
The article goes on to say that the firm has apologized to its customers and notified those affected by the breach.
This marks the first security incident we’ve been able to report on this month. Last month was a fairly bumpy one. It started off with the LAPD data breach which saw thousands of officers and applicants exposed. From there, we saw the Biostar 2 data leak which saw 27.8 million records exposed. After that, Lucious also suffered from a data leak which saw 1.2 million accounts exposed. By the end of the month, Hostinger suffered a data breach. In that one, they saw 14 million customers exposed.
This month seems to be starting off in a rather ironic way.
Drew Wilson on Twitter: @icecube85 and Facebook.