Security News > 2024 > April > CISA says Sisense hack impacts critical infrastructure orgs
The U.S. Cybersecurity and Infrastructure Security Agency is investigating the recent breach of data analytics company Sisense, an incident that also impacted critical infrastructure organizations.
Today, CISA says the incident also affects critical infrastructure sector organizations in the United States, with the agency now working with partners in the private sector to assess its impact.
"CISA is taking an active role in collaborating with private industry partners to respond to this incident, especially as it relates to impacted critical infrastructure sector organizations. We will provide updates as more information becomes available."
Sisense CISO Sangram Dash reiterated CISA's advice in a message sent to customers and shared by investigative reporter Brian Krebs.
Customers should also report any suspicious activity involving potentially exposed credentials or unauthorized access to Sisense services to CISA. When BleepingComputer contacted them earlier today for more details regarding this potential supply-chain attack, CISA and Sisense spokespersons were not immediately available for comment.
One year ago, a supply chain attack that led to the 3CX breach also impacted several critical infrastructure organizations, including "Power suppliers generating and supplying energy to the grid" in the United States and Europe.
News URL
Related news
- CISA investigates critical infrastructure breach after Sisense hack (source)
- CISA shares critical infrastructure defense tips against Chinese hackers (source)
- FBI: Critical infrastructure suffers spike in ransomware attacks (source)
- Major shifts in identity, ransomware, and critical infrastructure threat trends (source)
- Web-based PLC malware: A new potential threat to critical infrastructure (source)
- Public anxiety mounts over critical infrastructure resilience to cyber attacks (source)
- FBI v the bots: Feds urge denial-of-service defense after critical infrastructure alert (source)
- US sanctions APT31 hackers behind critical infrastructure attacks (source)
- Strengthening critical infrastructure cybersecurity is a balancing act (source)
- US critical infrastructure cyberattack reporting rules inch closer to reality (source)