Attack on data analytics company Sisense prompts alert from CISA

Data analytics company Sisense is responding to a cybersecurity incident that may have exposed the information of some of the world’s biggest companies.

The top U.S. cybersecurity agency published a warning on Thursday morning about an attack on Sisense — which provides AI data analytics services to organizations like Philips Healthcare, Verizon, Nasdaq, Air Canada and hundreds more. It helps companies gather, analyze and visualize data from different sources.

The Cybersecurity and Infrastructure Security Agency (CISA) said it is “collaborating with private industry partners to respond to a recent compromise discovered by independent security researchers impacting Sisense, a company that provides data analytics services.”

The agency urged all Sisense customers to reset credentials and data “potentially exposed to, or used to access, Sisense services” while also investigating and reporting “any suspicious activity” involving exposed credentials to CISA. 

“CISA is taking an active role in collaborating with private industry partners to respond to this incident, especially as it relates to impacted critical infrastructure sector organizations,” the agency said. 

A Sisense spokesperson declined to answer several questions about the incident. Reports of issues emerged on Wednesday evening, when cybersecurity journalist Brian Krebs published an internal note from Sisense’s chief information security officer that said the company was aware of company information leaked to a “restricted access server.”

The company began an investigation but warned customers to rotate the credentials used with their Sisense application. 

Several other cybersecurity experts said a threat actor broke into the company's systems and exfiltrated troves of data.