The U.S. CISA had urged the customers to reset the login credentials in response to a recent data breach at Sisense, a provider of data analytics services.
Sisense’s AI and ML driven analytics platform is used for data collection and analysis by various industries, including healthcare, technology, manufacturing, and finance.
CISA claims that anonymous independent security researchers discovered this most recent breach. This is a type of supply chain attack, affecting hundreds of tenants and millions of credentials. The CISO of Sisense just sent out this message to its customers.
CISA advises users of Sisense to:
- Reset credentials and secrets potentially exposed to or used to access Sisense services.
- Investigate—and report to CISA—any suspicious activity involving credentials potentially exposed to or used to access Sisense services.
The extent of the breach is not completly known but CISA, in a statement informed, is taking an active role in collaborating with private industry partners to respond to this incident, especially as it relates to impacted critical infrastructure sector organizations. We will provide updates as more information becomes available.
