Following a recent security breach at Sisense, a leading data analytics firm, the Cybersecurity and Infrastructure Security Agency (CISA) has advised all Sisense customers to reset their credentials and secrets as a precautionary measure.
The specifics of the cybersecurity incident remain undisclosed, raising concerns among Sisense customers and industry observers regarding the breach’s extent and potential ramifications.
Established in 2004, Sisense specialises in developing software for business intelligence and data analytics, catering to major corporations including telecommunication firms, airlines, and technology behemoths. Its technology enables organisations to collect, analyse and visualise vast amounts of corporate data by integrating with existing technologies and cloud platforms.
“CISA is taking an active role in collaborating with private industry partners to respond to this incident, especially as it relates to impacted critical infrastructure sector organizations. We will provide updates as more information becomes available,” said the CISA advisory.
Sangram Dash, in an internal mail, asked users to change any credentials they have stored on Sisense.
“We are aware of reports that certain Sisense company information may have been made available on what we have been advised is a restricted access server (not generally available on the internet). We are taking this matter seriously and promptly commenced an investigation. We engaged industry-leading experts to assist us with the investigation. This matter has not resulted in an interruption to our business operations,” said the mail as seen by security researcher Brian Krebs.
Credential management is critical in the data analytics sector, with companies like Sisense relying on passwords and private keys to access and analyse customer data. A breach compromising these credentials could lead to unauthorised access to sensitive data stored by Sisense customers.
“Out of an abundance of caution, and while we continue to investigate, we urge you to promptly rotate any credentials that you use within your Sisense application,” added the internal mail.
Later, as noted by Mark Rogers, Sisense released a set of specific instructions that the users must follow. These instructions urged users to change their passwords, reset credentials in the database, reset Usesr Params, rotate all tokens and email credentials, and reset custom node Notebooks, among others.
As of now, Sisense has not come out with a statement regarding the nature and extent of the breach.
In the News: 2000 Intel and Lenovo devices are exposed to a six-year-old flaw
