CISA says Sisense hack impacts critical infrastructure orgs – Source: www.bleepingcomputer.com

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating the recent breach of data analytics company Sisense, an incident that also impacted critical infrastructure organizations.

Sisense is an American business intelligence software company founded in Israel in 2004 and now headquartered in New York City.

It also has offices in London and Tel Aviv and has served over 2,000 customers in the last two decades, including Nasdaq, ZoomInfo, Verizon, and Air Canada.

Today, CISA says the incident also affects critical infrastructure sector organizations in the United States, with the agency now working with partners in the private sector to assess its impact.

“CISA is collaborating with private industry partners to respond to a recent compromise discovered by independent security researchers impacting Sisense, a company that provides data analytics services,” the cybersecurity agency said.

“CISA is taking an active role in collaborating with private industry partners to respond to this incident, especially as it relates to impacted critical infrastructure sector organizations. We will provide updates as more information becomes available.”

The agency urges all Sisense customers to reset any credentials and secrets potentially exposed or used to access the company’s platform and services.

Sisense CISO Sangram Dash reiterated CISA’s advice in a message sent to customers and shared by investigative reporter Brian Krebs.

“Out of an abundance of caution, and while we continue to investigate, we urge you to promptly rotate any credentials that you use within your Sisense application,” Dash said.

Customers should also report any suspicious activity involving potentially exposed credentials or unauthorized access to Sisense services to CISA.

When BleepingComputer contacted them earlier today for more details regarding this potential supply-chain attack, CISA and Sisense spokespersons were not immediately available for comment.

One year ago, a supply chain attack that led to the 3CX breach also impacted several critical infrastructure organizations, including “power suppliers generating and supplying energy to the grid” in the United States and Europe.