Imperva blames data breach on stolen AWS API key
Cyber-security firm Imperva have published a detailed post-mortem report of a security breach the company disclosed two months ago, in August.
The company blamed the security breach on an Amazon Web Services (AWS) API key a hacker stole from an internal system that was left accessible from the internet.
The post-mortem is a little bit convoluted, but we summarized the series of events that led to the Imperva breach in the list below:
- Imperva said it experienced a period of business growth in 2017.
- As a result, the company began adopting cloud technologies to scale its business and infrastructure.
- Imperva decided to evaluate AWS' Relational Database Service (RDS) to scale its user database.
- The company uploaded a snapshot of its customer database to a test AWS RDS instance.
- But in an unrelated incident, the company left an internal system accessible from the internet.
- This internal system stored a copy of the company's AWS API key.
- A hacker found this server, described as a "compute instance," and stole the API key.
- The hacker used the AWS API key to access Imperva's cloud infrastructure, where he found the AWS RDS service the company used for testing.
Imperva didn't provide exact dates for the events listed above, so we don't yet know for how much time the hacker had access Imperva's servers.
However, the company said that sometime in October 2018, the intruder began downloading a copy of the database snapshot they uploaded on the AWS RDS account.
Imperva CEO Chris Hylen said that they learned of the hack months later, on August 20, 2019, when a third-party contacted the company, provided a copy of the stolen data, and then requested a bug bounty.
The company didn't say if this third-party was a legitimate security researcher or the hacker trying to earn a reward from the company he previously hacked.
Latest Jobs
-
- Senior Data Privacy Consultant. Client Facing | London
- London
- N/A
-
Senior Data Privacy Consultant. Client Facing | London Senior Data Privacy Consultant needed for a key client facing opportunity. Must be willing to undergo SC Security Clearance. Hybrid role- onsite with customer / office 2-3 days a week. London Key Responsibilities: Lead and support client facing data privacy projects. Assess compliance, define and deliver strategic projects / implement privacy solutions. Manage project teams and develop business opportunities. Required Experience: Experience in data protection and privacy standards. Background in consulting. Skills and Qualifications: Business consulting experience IAPP Privacy Manager / Privacy Technologist Location Greater London UK based role. Not able to provide VISA sponsorship.
-
- Security Analyst - Internal role. London commutable. Permanent
- London
- N/A
-
Security Analyst - Internal role. London commutable opportunity. Operational Security - Investigate, escalate and proactively work to ensure household name remains protected. Project Security - Coordinate, log change requests with project delivery teams to meet security requirements Policy / compliance - work with team to aid in uplifting these as and where needed This role is role to investigate, escalate and proactively work to protect a globally recognised brand. You must have current hands on operational analytical security experience with Microsoft technology stack Someone with a SOC Analyst / security engineering background would be well suited. This position will join a small team and would suit someone that has broad experience across the security threat landscape. Experience / knowledge across industry GRC standards such NIST, ISO27001 etc very advantageous and a priority. You will work across multiple teams proactively working to secure the business. Must be able to commute to Central London 3 days a week. Visa sponsorship not available Apply today to find out more.
-
- Network / Security Infrastructure Engineer | West London | Permanent
- London
- N/A
-
Network / Security Infrastructure Engineer | West London | Current Config, Install, upgrade experience On prem / Datacetner experience essential. Hands on experience MUST include: Routing, Switching, Network Security (firewall, IDS etc), Microsoft exchange / Exchange 365. Scripting / automation experience wanted. Python, Powershell etc Regular travel to West London is required. Visa sponsorship not available. Apply today for more information chris.holt@dclsearch.com Use this whatapp link to reach out https://wa.me/message/6USF5RAQBOZIP1
-
- SailPoint File Access Manager Consultant/ Architect
- N/A
- discussed on applications
-
SailPoint File Access Manager (SailPoint FAM) Consultant/ Architect is required for an up coming projects, Ideally looking for someone with experience in Designing and deploying SailPoint FAM , this is a new Deployment, you will work with customer in the initial workshop phase, to understand requirements and to get the initial design, you will then be responsible for deploying the solution. This is a home based role, with some onsite visits required during the length of the project. We are looking for someone who has previous experience in Deploying SailPoint FAM (ideally done design work) Need to have experience with SharePoint and ideally Azure and Share file