It has been over a month since the cybersecurity firm Imperva suffered a breach, we now have an update. As revealed recently by the company’s CTO, the firm suffered the breach due to the stolen AWS API key.
Recently, the Chief Technology Officer of Imperva, Kunal Anand, has shared details about the security breach that hit the firm more than a month ago. As revealed through the update, Imperva suffered the breach owing to the stolen API key of Amazon Web Services (AWS).
As revealed via a detailed post, the main cause of the recent breach links back to the breach that happened in 2017. Elaborating some of the actions the company took at that time, the CTO reveals an inadvertent lapse that arose. The company took a database snapshot for testing purposes that allowed data exfiltration.
Eventually, this led to the subsequent data breach in August this year that affected the customers. However, it is now apparent that the breach was not the result of any vulnerability in Cloud WAF or any other product.