Analytics Firm Sisense Hit With Data Breach: CISA

The federal cybersecurity agency is warning that the analytics platform provider has suffered ‘a recent compromise discovered by independent security researchers.’

Analytics platform provider Sisense — and potentially its customers — have fallen victim to a recent data breach, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned Thursday.

“CISA is collaborating with private industry partners to respond to a recent compromise discovered by independent security researchers impacting Sisense,” CISA said in an advisory.

[Related: Microsoft’s ‘Inadequate’ Security Behind Cloud Email Breach: U.S. Review Board]

CRN has reached out to Sisense for comment.

In its advisory, CISA said it’s urging Sisense customers to reset credentials and other secrets “potentially exposed to, or used to access, Sisense services.”

Sisense customers should also investigate “any suspicious activity involving credentials potentially exposed to, or used to access, Sisense services,” the agency said.

“CISA is taking an active role in collaborating with private industry partners to respond to this incident, especially as it relates to impacted critical infrastructure sector organizations,” the agency added.

A report from Scoop News Group Thursday indicated that a software supply chain attack may have played a role in the breach.

Sisense has reported having more than 2,000 customers — including many large enterprises, among them Verizon, Expedia and the Nasdaq stocl exchange — and a valuation above $1 billion.

Founded in 2004, Sisense has developed a community of partners including resellers and implementation service providers, CRN has reported.