Imperva breach: Government web platform users advised to change passwords

The Department of Internal Affairs is asking users of the government's Common Web Platform to update their passwords after a vendor's firewall was breached.

Users of Imperva's Cloud Web Application Firewall, formerly known as Incapsula, were alerted about the breach in late August.

The service is used locally by SilverStripe, the operator of the Common Web Platform that hosts many government websites.

"Imperva has advised that this breach has not  impacted these websites or user accounts, but that it’s still advisable to update passwords and take steps to secure your account if you have a login to the content management system (CMS) of any of these websites," a note posted on the governments digital website today said.

The breach exposed Imperva user emails and hashed and salted passwords as well as some customer API keys and SSL certificates.

DIA also reminded agencies that, two-factor authentication would be required across all Common Web Platform sites from 27 September.

In April, Imperva launched its first formal channel programs in A/NZ.

Follow Us

• Twitter
• LinkedIn

Join the newsletter!

Join

Or

• Sign in with LinkedIn
• Sign in with Facebook

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags governmentImpervaDepartment of Internal Affairscommon web platform