TLDR:
- CISA has disclosed a breach affecting Sisense and urges customers to reset credentials
- The breach may have started with access to the company’s Gitlab code repository
The US Cybersecurity and Infrastructure Security Agency (CISA) has urged immediate action after a breach affecting business analytics provider Sisense was disclosed. While Sisense has not publicly confirmed the breach, it is reported that attackers gained access to the company’s Gitlab code repository, leading to potential access to Sisense’s Amazon S3 buckets in the cloud. CISA has advised Sisense customers to reset credentials and investigate any suspicious activity related to the breach.
The breach highlights the risks associated with third-party vendors and supply chain vulnerabilities. Dan Schiappa, chief product officer at Arctic Wolf, emphasized the importance of securing supply chains to prevent such incidents from impacting not only the companies involved but also their customers and partners.
Sisense, a New York-based company founded in 2004, offers business intelligence software for various industry verticals. CISA continues to investigate the breach and provide updates as more information becomes available to ensure the security of Sisense customers.