Tech | Visa | Scholarship/School | Info Place

U.S. government urges Sisense customers to reset credentials after hack

U.S. cybersecurity agency CISA warned Sisense customers to reset their credentials and secrets after the data analytics company reported a security incident.

CISA said in a brief statement Thursday that it was responding to “recent compromises” by Sisense, which provides business intelligence and data analytics to companies around the world.

CISA said it urged Sisense customers to “reset credentials and secrets that may have been exposed or used to access Sisense services” and to report any suspicious activity involving the use of compromised credentials to the agency.

The exact nature of the cybersecurity incident is unclear.

Founded in 2004, Sisense develops business intelligence and data analytics software for large companies such as telecommunications companies, airlines and technology giants. Sisense’s technology allows organizations to collect, analyze and visualize large amounts of enterprise data by directly leveraging existing technology and cloud systems.

Companies like Sisense rely on the use of credentials such as passwords and private keys to access customers’ various data stores for analysis.

By accessing these credentials, the attacker could also gain access to the customer’s data.

CISA said it is “actively working with private industry partners to respond to this incident, particularly as it involves impacted critical infrastructure sector organizations.”

Sisense’s customers include Air Canada, PagerDuty, Philips Healthcare, Skullcandy and Verizon, as well as thousands of other organizations around the world.

News of the incident first emerged on Wednesday after cybersecurity reporter Brian Krebs published a note sent by Sisense Chief Information Security Officer Sangram Dash urging customers to “rotate any credentials you use in Sisense applications.”

Neither Dash nor a company spokesperson responded to emails from TechCrunch.

Israeli media reported in January that Sisense had laid off about half its employees since 2022. It’s unclear whether the layoffs have affected the company’s security posture. Sisense has raised nearly $300 million in funding from investors including Insight Partners, Bessemer Ventures Partners and Battery Ventures.

Do you know more about the Sisense data breach? To contact this reporter, please contact +1 646-755-8849 via Signal and WhatsApp, or via email. You can also send files and documents via SecureDrop.

#U.S #government #urges #Sisense #customers #reset #credentials #hack

Leave a Reply

Your email address will not be published. Required fields are marked *