Article Details
Scrape Timestamp (UTC): 2024-04-11 14:56:26.814
Original Article Text
Click to Toggle View
CISA investigates critical infrastructure breach after Sisense hack. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating the recent breach of data analytics company Sisense, an incident that also impacted critical infrastructure organizations. Sisense is an American business intelligence software company founded in Israel in 2004 and now headquartered in New York City. It also has offices in London and Tel Aviv and has served over 2,000 customers in the last two decades, including Nasdaq, ZoomInfo, Verizon, and Air Canada. Today, CISA says the incident also affects critical infrastructure sector organizations in the United States, with the agency now working with partners in the private sector to assess its impact. "CISA is collaborating with private industry partners to respond to a recent compromise discovered by independent security researchers impacting Sisense, a company that provides data analytics services," the cybersecurity agency said. "CISA is taking an active role in collaborating with private industry partners to respond to this incident, especially as it relates to impacted critical infrastructure sector organizations. We will provide updates as more information becomes available." The agency urges all Sisense customers to reset any credentials and secrets potentially exposed or used to access the company's platform and services. Customers should also report any suspicious activity involving potentially exposed credentials or unauthorized access to Sisense services to CISA. The company has yet to disclose this incident or publicly provide customers with mitigation advice or more information regarding the attack. When BleepingComputer contacted them earlier today for more details regarding this potential supply-chain attack, CISA and Sisense spokespersons were not immediately available for comment. One year ago, a supply chain attack that led to the 3CX breach also impacted several critical infrastructure organizations, including "power suppliers generating and supplying energy to the grid" in the United States and Europe.
Daily Brief Summary
CISA is actively investigating a data breach at Sisense, a data analytics company with key customers in critical infrastructure sectors.
The breach potentially affects numerous critical infrastructure organizations across the U.S. with Sisense having over 2,000 customers worldwide.
Sisense, founded in 2004 and headquartered in New York, offers business intelligence software and has considerable reach globally.
CISA has partnered with private industry experts to gauge the full scope of the incident and to formulate a response.
Impacted parties are advised to reset all potentially compromised credentials and report any suspicious activities linked to this breach.
Detailed information and mitigation strategies from Sisense regarding the incident remain undisclosed to the public.
Comparably, the breach mirrors the pattern of last year’s 3CX supply chain attack which also targeted critical infrastructure providers.