Imperva, the security vendor, said this week that a misconfiguration of an Amazon Web Services (AWS) cloud instance allowed hackers to exfiltrate information on customers using its Cloud Web Application Firewall (WAF) product.
Formerly known as Incapsula, the Cloud WAF analyzes requests coming into applications, and flags or blocks suspicious and malicious activity.
The company announced the breach in August, but at the time said it didn’t know how the attackers were able to gain access. In a Thursday post, CTO Kunal Anand laid out what happened. He explained that in October 2018, the attackers stole and used an administrative AWS API key in one of Imperva’s production AWS accounts, to access a database snapshot containing emails, hashed and salted passwords, and some customers’ API keys and TLS keys.