(Bloomberg) — The United States’ lead federal cybersecurity agency warned that data analytics company Sisense Inc. suffered a breach that could have exposed customer credentials and cryptographic secrets.
Most Read Articles on Bloomberg
According to the company's LinkedIn page, Sisense provides AI-driven analytics to thousands of customers. His Sisense, founded in Israel in 2004, is currently headquartered in New York with additional offices in London.
The Cybersecurity and Infrastructure Security Agency said it was “playing an active role” in working with private industry partners to respond to the incident. An independent security researcher announced that they had discovered a “recent breach.” The exact nature of the incident was not immediately clear.
More than 1,000 Sisense customers access products through cloud infrastructure and are potentially affected They are said to be at risk of being exposed to.
According to Andy Piazza, senior director of threat intelligence for Unit 42 at Palo Alto Networks, organizations that specialize in data analysis and data storage can be a “treasure trove” for threat actors.
“These types of systems can give attackers the opportunity to compromise many organizations through a single breach,” he said. “Such incidents can have ripple effects for customers and partners alike, as customers work to determine the potential impact to their data over the coming weeks. All of our customers should quickly rotate their keys, credentials, and secrets to protect against further impact.'' Sisense said in a statement that it was aware of the issue and immediately began an investigation. . “As the investigation is ongoing, we have no further comment at this time. Sisense takes security very seriously and remains committed to our customers.” of Canada and other customers on his website. A Nasdaq spokesperson declined to comment, and other companies did not respond to requests for comment.
The breach was previously reported by security journalist Brian Krebs.
Cybersecurity experts have also warned that compromised credentials could put corporate data at risk. Dave Kennedy, founder of cybersecurity firms Binary Defense and TrustedSec, said in a post on X that the breach is in its early stages and the extent of the impact is not yet known.
CISA, a division of the Department of Homeland Security, is warning companies to reset credentials and cryptographic secrets used to access Sisense services or that may have been compromised. It also asked companies to report any suspicious activity related to these credentials.
(Updates corporate statement in paragraph 7.)
Most Read Articles on Bloomberg Businessweek
©2024 Bloomberg LP
