Imperva, a cybersecurity software company, has suffered a data breach. 

In a blog post, Imperva said its Cloud Web Application Firewall (WAF) product, formerly known as Incapsula suffered a data exposure incident. On August 20, Imperva learned from a third party of the data breach that impact Cloud WAF product who had accounts through September 15, 2017. The personally identifiable information included email addresses and hashed and salted passwords. For a subset of Incapsula customers, the information included API keys and customer-provided SSL certificates.

Imperva said they have activated their internal data security response team and protocol, while continuing their investigation as to how the data incident occurred. Additionally, Imperva has notified the appropriate global regulatory agencies.

They are reaching out to all impacted customers directly and sharing what steps they are taking to guarantee the safety of accounts and data.