One of the world’s leading providers of Internet firewall services, has been breached. Imperva announced yesterday that a 2017 database, made up of customers who use their Incapsula WAF product, was compromised.
Leaked information included:
- Email addresses
- Hashed and salted passwords
- API Keys
- Customer-provided SSL certificates
This information could potentially allow an attacker to intercept, view and/or modify traffic being directed to an an Incapsula customer’s website and even reroute that traffic through a site owned by the attacker.
You can read more about the breach over at Krebs on Security.