Sisense Compromise Leaves Customer Data Vulnerable, US Says

(Bloomberg) -- The US lead agency for federal cybersecurity is warning that Sisense Inc., a data analytics company, has suffered a compromise that could expose customer credentials and cryptographic secrets.

Most Read from Bloomberg

• China Tells Iran Cooperation Will Last After Attack on Israel

• US Two-Year Yield Hits 5% After Powell’s Remarks: Markets Wrap

• Beyond the Ivies: Surprise Winners in the List of Colleges With the Highest ROI

• IMF Steps Up Its Warning to US Over Spending and Ballooning Debt

• Iran’s Conflict With Israel Puts US Ally Jordan on Edge

Sisense provides AI-driven analytics to thousands of customers, according to the company’s LinkedIn page. Sisense, which started in Israel in 2004, is now headquartered in New York and also has offices in London.

The Cybersecurity and Infrastructure Security Agency said it is “taking an active role” collaborating with private industry partners to respond to the incident. It said independent security researchers discovered “a recent compromise.” The exact nature of the incident wasn’t immediately clear.

More than 1,000 Sisense customers access the product via their cloud infrastructure and are potentially at risk of impact, according to a person briefed on efforts to respond to the compromise who asked not to be named in order to discuss sensitive matters.

Organizations that specialize in data analytics and data storage can be "a goldmine" for threat actors, according to Andy Piazza, senior director at Unit 42 Threat Intelligence at Palo Alto Networks Inc.

"These types of systems can provide threat actors an opportunity to compromise many organizations through a single breach," he said. "An incident like this can have rippling effects on customers and partners alike, as they work to determine the potential impact to their data over the next few weeks. All Sisense customers should swiftly rotate keys, credentials and secrets to safeguard against further fallout."In a statement, Sisense said it was aware of the matter and promptly started an investigation. “Due to the ongoing nature of the investigation, the company has no further comment at this time. Sisense takes security very seriously, and we remain committed to our customers.”Sisense lists customers on its website including Verizon, Nasdaq and Air Canada. A Nasdaq spokesperson declined to comment, and the other companies didn’t immediately respond to request for comment.

The compromise was earlier reported by the security journalist Brian Krebs.

Cybersecurity experts have also warned that exposed credentials could put company data at risk. Dave Kennedy, founder of cybersecurity companies Binary Defense and TrustedSec, said in a post on X that the compromise was in the early stages and the extent of the impact was still unknown.

CISA, a unit of the Department of Homeland Security, is warning companies to reset their credentials and cryptographic secrets that are used to access Sisense services or may have been exposed. It also urged companies to report any suspicious activity involving those credentials.

(Updates with company statement in seventh paragraph.)

Most Read from Bloomberg Businessweek

• A Resilient Global Economy Masks Growing Debt and Inequality

• Cities Use AI to Help Ambulances and Firetrucks Arrive Faster

• The Shadow Swiftie Economy Booms With Bootleg Bracelets and $1,150 Bodysuits

• Top Takeaways From Businessweek’s Investigation of Teenage Sextortion

• How a Pioneering Blackjack Master Beats the Odds of Aging

©2024 Bloomberg L.P.