CyberNews Briefs

Imperva ‘security incident’ exposes customer data

The data of a “subset of customers” of Imperva’s Cloud Web Application Firewall was exposed in a “security incident” in September 2017, the cybersecurity company has acknowledged. The compromised data included email addresses, encrypted passwords as well as some API keys and customer-provided SSL certificates.

While Imperva says it is disclosing the breach “to do the right thing for all of our constituents,” it failed to provide information about the source of the breach and whether it had any evidence the stolen data had been distributed on the dark web. Chris Morales of Vectra AI said the theft of API keys and SSL certificates is specially concerning for impacted companies.

Read more: Imperva ‘security incident’ exposes customer data

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.