Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Sisense Data Breach Triggers CISA Alert and Urgent Calls for Credential Resets

The US government issues a red-alert for what appears to be a massive supply chain breach at Sisense, a company that sells big-data analytics tools.

The US government cybersecurity agency CISA on Thursday issued a red-alert for what appears to be a massive supply chain breach at Sisense, a New York company that sells big-data analytics tools to businesses.

In a cryptic note, CISA warned of a recent “compromise of Sisense customer data” that was discovered by independent security researchers and recommended that Sisense customers immediately reset credentials and secrets.

Sisense, a company with roots in Israel, has not publicly commented on the situation. 

The exact nature of the breach is still unclear but the high-level government alert suggests a massive supply chain security incident that exposed data from thousands of companies around the world.

CISA said its malware hunters are partnering with private industry partners to respond to the incident and issued the following advice:

  • Reset credentials and secrets potentially exposed to, or used to access, Sisense services
  • Investigate — and report to CISA — any suspicious activity involving credentials potentially exposed to, or used to access, Sisense services.

“CISA is taking an active role in collaborating with private industry partners to respond to this incident, especially as it relates to impacted critical infrastructure sector organizations. We will provide updates as more information becomes available,” the agency said.

Sisense, which counts enterprise clients like Verizon, Nasdaq and Air Canada among its customer base, has deep tentacles in US healthcare, manufacturing, retail and technology sectors and a supply chain breach could have severe ramifications.

The company’s flagship product, called Sisense Fusion Analytics Platform, provides business intelligence and analytics tooling for companies processing massive volumes of data.

Word on the Sisense breach follows a decision by CISA to release its internal threat hunting and malware analysis system for public use, offering capabilities for the automatic analysis of potentially malicious files or uniform resource locators (URLs).

Advertisement. Scroll to continue reading.

The system, called Malware Next-Gen, is now available for any organization to submit malware samples and other suspicious artifacts for analysis and will allow CISA to more effectively support partners by automating analysis of newly identified malware.

In a statement, CISA said the Malware Next-Gen service  is performed by a combination of static and dynamic analysis tools in a secure environment and results are available in PDF and STIX 2.1 data formats. 

Related: Malware Hunters Spot Supply Chain Attack Hitting 3CX Desktop App

Related: Researchers Flag ‘Significant Escalation’ in Software Supply Chain Attacks

Related: Microsoft’s Security Chickens Have Come Home to Roost

Related: CISA Outlines Efforts to Secure Open Source Software

Related: CISA Moving Forward With Cyber Incident Reporting Rules 

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Hear from experts as they explore the latest trends, challenges and innovations in Attack Surface Management.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Cloud networking firm Aviatrix has named John Qian as CISO.

CrowdStrike has appointed Kartik Shahani as vice president of India and SAARC.

Jill Popelka has been appointed CEO at Darktrace, after serving as COO for three months.

More People On The Move

Expert Insights