Security News > 2024 > April > CISA warns about Sisense data breach

Business intelligence / data analytics software vendor Sisense has apparently suffered a data breach that spurred the company and the US Cybersecurity and Infrastructure Security Agency to push the company's customers to "Reset credentials and secrets potentially exposed to, or used to access, Sisense services."

Details about the security incident are still being kept under wraps by Sisense.

A notification by the company's chief information security officer - shared by cybersecurity journalist Brian Krebs - says the company is "Aware of reports that certain Sisense company information may have been made available on what we have been advised is a restricted access server (not generally available on the internet."

As they investigate the incident with the help of outside cybersecurity experts, they have urged customers to rotate any credentials they used within their Sisense application.

"CISA is taking an active role in collaborating with private industry partners to respond to this incident, especially as it relates to impacted critical infrastructure sector organizations," the US cybersecurity agency said, and asked Sisense customers to "Investigate-and report to CISA-any suspicious activity involving credentials potentially exposed to, or used to access, Sisense services."

Sisense customers include corporations like Nasdaq, Air Canada, Hive, and others.

News URL

https://www.helpnetsecurity.com/2024/04/11/sisense-data-breach/