State of New Jersey SealOFFICIAL SITE OF THE STATE OF NEW JERSEY

Imperva

NJCCIC Data Breach Notification

Original Release Date: 9/3/2019

Summary

On August 20, 2019, internet firewall services provider Imperva discovered that a security incident exposed sensitive information for some users of its cloud-based Incapsula WAF (Web Application Firewall) product. The breach impacts customers with accounts through September 15, 2017. The exposed information includes email addresses, hashed and salted passwords, and, in some cases, API keys and customer-provided SSL certificates. An attacker with API keys and SSL certificates could use their access to reduce the security of traffic to and from a customer’s website. Imperva is urging its customers to change their passwords, implement Single Sign-On (SSO), enable multi-factor authentication, generate and upload new SSL certificates, and reset API keys.

Join & Subscribe

Never miss an update! Sign up for a no cost membership today! Receive up-to-date content and more in our weekly bulletin.

Sign Up

Featured Content

New Jersey Cybersecurity & Communications Integration Cell

2 Schwarzkopf Dr, Ewing Township, NJ 08628

njccic@cyber.nj.gov

OUR COMMITMENT

The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.

Agency Seals of State of NJ, NJOHSP and NJCCIC

STAY CONNECTED:

View our Privacy Policy here.

View our Site Index here.