(Bloomberg) — The top U.S. federal cybersecurity agency is warning that data analytics company Sisense Inc. has suffered a compromise that could expose customer credentials and cryptographic secrets.
Bloomberg’s Most Read
Sisense provides AI-powered analytics to thousands of customers, according to the company’s LinkedIn page. Sisense, which started in Israel in 2004, is now headquartered in New York and also has offices in London.
The Cybersecurity and Infrastructure Security Agency said it is “taking an active role” by collaborating with private industry partners to respond to the incident. He said independent security researchers discovered “a recent compromise.” The exact nature of the incident was not immediately clear.
More than 1,000 Sisense customers access the product through its cloud infrastructure and are potentially at risk of impact, according to a person briefed on efforts to respond to the compromise and who requested anonymity to discuss sensitive matters.
Organizations that specialize in data analysis and storage can be “a gold mine” for threat actors, according to Andy Piazza, senior director of Threat Intelligence Unit 42 at Palo Alto Networks Inc.
“These types of systems can provide threat actors with an opportunity to compromise many organizations through a single breach,” he said. “An incident like this can have ripple effects for both customers and partners as they work to determine the potential impact on their data in the coming weeks. All Sisense customers must quickly rotate keys, credentials and secrets to protect themselves against future consequences.”
The compromise was previously reported by security journalist Brian Krebs.
Cybersecurity experts have also warned that exposed credentials could put company data at risk. Dave Kennedy, founder of cybersecurity companies Binary Defense and TrustedSec, said in a post on X that the compromise was in the early stages and the extent of the impact was still unknown.
CISA, a unit of the Department of Homeland Security, is warning companies to reset their credentials and cryptographic secrets used to access Sisense services or that may have been exposed. It also urged companies to report any suspicious activity involving these credentials.
A company spokesperson declined a request for comment.
(Updated to include additional context in fourth, fifth, and sixth paragraphs.)
Bloomberg Businessweek Most Read
©2024 Bloomberg LP
