April 11, 2024 at 11:32AM
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating a recent breach at Sisense, a data analytics company that also impacted critical infrastructure organizations. CISA is collaborating with private industry partners to respond to the incident and has advised Sisense customers to reset potentially exposed credentials and report any suspicious activity.
Key Takeaways from the Meeting Notes:
– The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating the recent breach of data analytics company Sisense, impacting critical infrastructure organizations.
– Sisense is an American business intelligence software company founded in Israel in 2004, headquartered in New York City, with additional offices in London and Tel Aviv. It has served over 2,000 customers, including Nasdaq, ZoomInfo, Verizon, and Air Canada.
– CISA is collaborating with private industry partners to respond to the compromise discovered by independent security researchers and is working to assess its impact, especially on critical infrastructure sector organizations in the United States.
– CISA urges all Sisense customers to reset any potentially exposed credentials and report any suspicious activity to CISA.
– Sisense CISO Sangram Dash reiterated the advice to rotate any credentials used within the Sisense application out of caution.
– CISA and Sisense spokespersons were not immediately available for comment when contacted for more details regarding the potential supply-chain attack.
– One year ago, a supply chain attack that led to the 3CX breach also impacted several critical infrastructure organizations, including power suppliers in the United States and Europe.