CISA Releases Alert on Sisense Data Breach

Threat Actor: Unknown | Unknown
Victim: Sisense | Sisense
Price: Not specified
Exfiltrated Data Type: Sensitive data of global enterprises

Additional Information:

  • Sisense, a business intelligence software company, experienced a cyberattack potentially exposing the sensitive data of global enterprises.
  • The list of the company’s customers includes Nasdaq, Philips Healthcare, Verizon, and many others.
  • The U.S. cybersecurity agency CISA published an alert on Sisense regarding the compromise of customer data.
  • CISA is collaborating with private industry partners to respond to the incident.
  • CISA urges Sisense customers to reset credentials and secrets potentially exposed to, or used to access, services provided by Sisense.
  • The company confirmed awareness of a data leak and initiated an investigation.

Sisense, a business intelligence software company, experienced a cyberattack potentially exposing the sensitive data of global enterprises. The list of the company’s customers includes Nasdaq, Philips Healthcare, Verizon, and many others.

The cyber attack made the headlines because the U.S. cybersecurity agency CISA published an alert on Sisense.

“CISA is collaborating with private industry partners to respond to a recent compromise discovered by independent security researchers impacting Sisense, a company that provides data analytics services.” reads the alert.

“CISA is taking an active role in collaborating with private industry partners to respond to this incident, especially as it relates to impacted critical infrastructure sector organizations. We will provide updates as more information becomes available.”

CISA urges Sisense customers to reset credentials and secrets potentially exposed to, or used to access, services provided by Sisense.

The US agency recommends customers of the company investigate and report to CISA any suspicious activity involving their credentials used to access the services of the business intelligence firm.

Yesterday the popular cybersecurity investigator Brian Krebs published a note from the company that confirmed that they were aware of a data leak.

Below is the content of the note:

Good afternoon
We are aware of reports that certain Sisense company information may have been made available on what we have been advised is a restricted access server (not generally available on the internet). We are taking this matter seriously and promptly commenced an investigation. We engaged industry-leading experts to assist us with the investigation. This matter has not resulted in an interruption to our business operations.
Out of an abundance of caution, and while we continue to investigate, we urge you to promptly rotate any credentials that you use within your Sisense application.
Should you have any questions related to this matter, please email [email protected]
At Sisense, we give paramount importance to security and are committed to our customers' success. This is a proactive measure to ensure that our customers are secure. Thank you for your partnership and commitment to our mutual security.
Regards,
Sangram Dash
Chief Information Security Officer

The company launched an investigation into the security breach which is still ongoing.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)



Original Source: https://securityaffairs.com/161728/data-breach/sisense-suffers-a-cyber-attack.html