NEWS

The US Federal Government has issued a warning to customers of business analytics platform Sisense, advising them to reset their passwords due to a potential compromise.

Sisense, a software-as-a-service (SaaS) platform used by over 2,000 companies including Air Canada, Nasdaq, and ZoomInfo, utilizes “AI-driven analytics.” According to Patrick Tiquet, VP of Security at Keeper Security, Sisense presents an attractive target for advanced cyberattacks, potentially allowing attackers to infiltrate customer networks. The Cybersecurity and Infrastructure Security Agency (CISA) has urged customers not only to reset company’s credentials but also passwords for any sensitive data accessed through Sisense services. Sean Deuby, Principal Technologist at Semperis, emphasized the severity of supply chain attacks, citing previous breaches such as WannaCry, SolarWinds, and Kaseya. Jason Soroko, Senior VP of Product at Sectigo, advised customers to change passwords, reset API keys, and monitor for unusual activity.

The quick response from the federal government indicates the seriousness of the Sisense compromise and underscores the ongoing challenges in securing supply chains against cyber threats. This  compromise serves also as a sobering reminder of the persistent and adaptive nature of cyber threats, emphasizing the critical importance of robust security measures and proactive risk management strategies in an increasingly interconnected digital ecosystem.