Imperva which offers Enterprise data and application software has made it official on its website that its data related to its Cloud Web Application Firewall (WAF) dubbed as Incapsula was exposed to hackers for some time.
The Redwood City-based company says that the incident came into the light to its authorities on Aug 20th, 2019 where data related to the Cloud WAF accounts dated through Sept 15th, 2017 were exposed/access by/to hackers. It includes data related to email addresses and hashed/salted passwords.
Furthermore, for a small portion of Incapsula customers data related to API Keys and Customers related SSL Certificates was also leaked during the incident.
Currently, the Cyber Incident is being thoroughly investigated by Imperva, and impacted customers are reportedly being informed through proper channel.
Readers of Cybersecurity Insiders should notify a fact that the California based company was acquired by Thoma Bravo in 2019.
So, was the data breach discovered before or after the acquisition is yet to be known. However, industry analysts say that the breach could cause Thoma Bravo to go slow on the purchase as it has to first find out the data breach repercussions and then demand a discount for the purchase.
Similar to the purchase of Yahoo by Verizon where the latter got a discount of $350 million after it discovered that then Marissa Mayer led company showed laxity in following Cybersecurity norms leading to the leak of more than a billion email IDs and passwords related to Yahoo! users in Aug’13.