CISA disclosed a breach at Sisense and urged users to reset their credentials, but the data analytics vendor has not yet publicly addressed the incident.
In an alert on Thursday, CISA revealed it's working with private partners to investigate a Sisense breach that affected customer data.
CISA credited unnamed independent researchers for discovering the compromise, which might have affected customers' credentials and secrets used to log in to Sisense services.
In addition to resetting credentials, CISA also urged enterprises to investigate and report any suspicious activity related to Sisense services access.
It remains unclear how many individuals were affected by the breach or why CISA was the first to disclose the incident.
A variety of industries including healthcare, technology, manufacturing and finance use Sisense's AI and machine learning-driven analytics tool to collect and analyze data.
Sisense customers include Nasdaq and Air Canada, according to the vendor's website.
Cybersecurity reporter Brian Krebs first reported a possible incident at the company on Wednesday in a Mastadon post, which included an internal message that Sisense CISO Sangram Dash reportedly sent to customers.
Dash confirmed Sisense is aware of the breach reports and that an investigation is ongoing.
Like CISA, Dash also instructed customers to reset their credentials.
Krebs also addressed supply chain concerns and the potential attack scope, saying the breach could affect millions of credentials.
Software supply chain risks have been on the rise recently.
Over the past two months, Checkmarx discovered two different attack campaigns where a threat actor tricked developers into downloading malicious code from GitHub repositories.
The SolarWinds breach, which was reported in 2020, highlights how dire supply chain attacks can be for U.S. government agencies.
Attackers hid malware in updates for SolarWinds' Orion IT management software, which attackers used to gain access to customers, including government agencies.
While Sisense has not confirmed or addressed the breach, infosec professionals expressed concern on social media.
David Kennedy, founder of managed detection and response provider Binary Defense, highlighted the Sisense breach on X, formerly Twitter.
He recommended that customers look for any unusual activity from April 5 to now and urged them to reset API keys used for Sisense services.
Cybersecurity professional Marc Rogers, co-founder and CTO for AI startup nbhd.
He also gave a glimpse into the potential attack timeline and scope that may extend globally.
This Cyber News was published on www.techtarget.com. Publication date: Thu, 11 Apr 2024 20:13:04 +0000