New York City, New York – The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has launched an investigation into a breach involving business intelligence company Sisense. The company, known for its products that provide a centralized view of various online services, has advised its customers to reset any credentials that may have been compromised. Sisense serves a diverse range of industries, including financial services, telecommunications, healthcare, and higher education.
Concerns arose when reports indicated that sensitive Sisense company information was potentially accessed through a restricted server. Chief Information Security Officer Sangram Dash promptly informed customers about the situation, reassuring them that despite the ongoing investigation, business operations remained unaffected. The company took swift action by engaging industry experts to aid in the inquiry.
CISA, in collaboration with private industry partners, is actively responding to the breach discovered by independent security researchers. The agency is particularly focused on supporting critical infrastructure sector organizations impacted by the incident. Updates on the investigation will be provided as more information becomes available.
Sources close to the breach investigation revealed that attackers likely gained access to Sisense’s Gitlab code repository, where they discovered a token or credential granting access to the company’s Amazon S3 cloud storage. This security lapse resulted in the exfiltration of terabytes of customer data, including access tokens, email passwords, and SSL certificates.
The breach not only raises questions about Sisense’s data protection measures but also highlights the challenges faced by customers in safeguarding their information. With attackers possessing customer credentials, the onus falls on Sisense customers to reassess their security protocols and consider changing passwords for third-party services linked to Sisense.
In response to the breach, Sisense customers are advised to take extensive security measures, which include resetting various credentials and access tokens. The company emphasizes the importance of security and assures customers of their commitment to addressing the situation swiftly. This breach serves as a stark reminder of the critical need for robust cybersecurity measures in the digital age.