April 11, 2024 at 06:19PM
The US federal government warned customers of Sisense, a business analytics platform, about a password compromise. The Cybersecurity and Infrastructure Security Agency advised users to reset credentials and passwords for sensitive data. The platform, which serves over 2,000 companies, including Air Canada and Nasdaq, is an attractive target for supply chain cyberattacks. It’s recommended to follow CISA’s guidance and reset credentials and API keys.
From the meeting notes, it is evident that the US federal government has issued a warning to customers of Sisense, a business analytics platform, urging an immediate password reset following a potential compromise. The advisory, issued by the Cybersecurity and Infrastructure Security Agency (CISA), emphasizes the importance of resetting credentials not only for the Sisense platform but also for passwords related to any other sensitive data accessed through Sisense services.
This issue has raised concerns among security experts, with Patrick Tiquet of Keeper Security highlighting the potential for advanced supply chain cyberattacks on Sisense. It is recommended that customers follow CISA’s guidance and reset credentials and secrets that may have been exposed or used to access Sisense services.
The prompt response from the federal government reflects the seriousness of the situation, as noted by Sean Deuby of Semperis, who emphasized the challenges in securing the supply chain and its susceptibility to cyber adversaries.
Furthermore, Jason Soroko of Sectigo has advised Sisense customers to not only change passwords but also to reset API keys associated with Sisense, and to monitor for any unusual activity from April 5 onwards.
Overall, the meeting notes underscore the urgency for Sisense customers to take proactive measures, in line with the recommendations provided by security experts and the federal government’s advisory.