Sisense hit by data breach, CISA warns


Sisense, a US data analytics software vendor, has been hit by a data compromise, the US cybersecurity watchdog agency said in an alert.

The Cybersecurity and Infrastructure Security Agency (CISA) urged Sisense's customers to reset passwords and other credentials that may have been exposed to or used to access Sisense's services and to report any suspicious activity.

Details of the compromise, or how exactly it affected Sisense, were not disclosed in the agency's online alert.

Sisense said in a statement that it was "aware of the matter," was in touch with law enforcement, and had hired experts to deal with the issue. However, there are few other details and the company did not respond to further questions.

News of the breach was first reported by journalist Brian Krebs, who said in a post to Mastodon that "many millions of credentials" had been affected.

According to CISA, the incident could initiate a massive supply chain attack affecting thousands of companies. Chris Hughes, chief security advisor at Endor Labs and Cyber Innovation Fellow at CISA, thinks it may allow attackers to pivot to other company systems via exposed credentials.

“This highlights the continued interest by malicious attackers when it comes to targeting widely used software products and suppliers including those used by critical infrastructure entities. Attackers continue to realize the value in focusing on software suppliers rather than targeting a single organization,” Hughes said.

Meanwhile, Or Aspir, the head of research at Mitiga, thinks the incident could send shockwaves through the tech community because of Sisense's “integration with numerous software as a service (SaaS) and cloud providers.”

“One crucial aspect to consider is the interconnected nature of Sisense with various cloud environments. For instance, if you're a Sisense customer who has integrated the platform with your Amazon Web Services (AWS) infrastructure by establishing an IAM user, swift action is imperative,” Aspir said.
