The US government cybersecurity agency CISA on Thursday issued a red-alert for what appears to be a massive supply chain breach at Sisense, a New York company that sells big-data analytics tools to businesses.
In a cryptic note, CISA warned of a recent “compromise of Sisense customer data” that was discovered by independent security researchers and recommended that Sisense customers immediately reset credentials and secrets.
Sisense, a company with roots in Israel, has not publicly commented on the situation.
The exact nature of the breach is still unclear but the high-level government alert suggests a massive supply chain security incident that exposed data from thousands of companies around the world.
CISA said its malware hunters are partnering with private industry partners to respond to the incident and issued the following advice:
- Reset credentials and secrets potentially exposed to, or used to access, Sisense services.
- Investigate — and report to CISA — any suspicious activity involving credentials potentially exposed to, or used to access, Sisense services.
“CISA is taking an active role in collaborating with private industry partners to respond to this incident, especially as it relates to impacted critical infrastructure sector organizations. We will provide updates as more information becomes available,” the agency said.
Sisense, which counts enterprise clients like Verizon, Nasdaq and Air Canada among its customer base, has deep tentacles in US healthcare, manufacturing, retail and technology sectors and a supply chain breach could have severe ramifications.
The company’s flagship product, called Sisense Fusion Analytics Platform, provides business intelligence and analytics tooling for companies processing massive volumes of data.
Word on the Sisense breach follows a decision by CISA to release its internal threat hunting and malware analysis system for public use, offering capabilities for the automatic analysis of potentially malicious files or uniform resource locators (URLs).
The system, called Malware Next-Gen, is now available for any organization to submit malware samples and other suspicious artifacts for analysis and will allow CISA to more effectively support partners by automating analysis of newly identified malware.
In a statement, CISA said the Malware Next-Gen service is performed by a combination of static and dynamic analysis tools in a secure environment and results are available in PDF and STIX 2.1 data formats.
Related: Malware Hunters Spot Supply Chain Attack Hitting 3CX Desktop App
Related: Researchers Flag ‘Significant Escalation’ in Software Supply Chain Attacks
Related: Microsoft’s Security Chickens Have Come Home to Roost
Related: CISA Outlines Efforts to Secure Open Source Software
Related: CISA Moving Forward With Cyber Incident Reporting Rules
