The US government advises Sisense customers to reset their credentials following a hack

The U.S. cybersecurity agency CISA has issued a warning to Sisense customers following a reported security incident by the data analytics company.

In a concise statement released on Thursday, CISA disclosed its response to a recent compromise at Sisense, a provider of business intelligence and data analytics services to companies worldwide.

CISA advised Sisense customers to reset their credentials and secrets that may have been exposed or used to access Sisense services, urging them to report any suspicious activity related to compromised credentials.

While the specific details of the cybersecurity incident remain undisclosed, Sisense, established in 2004, specializes in developing business intelligence and data analytics software for major corporations, including telecommunications companies, airlines, and tech industry leaders. Sisense’s technology enables organizations to gather, analyze, and visualize large volumes of corporate data by integrating directly with their existing technologies and cloud systems.

The functionality of companies like Sisense relies on the use of credentials, such as passwords and private keys, to access a customer’s data repositories for analysis. Unauthorized access to these credentials could potentially compromise a customer’s data.

CISA emphasized its active engagement in collaboration with private industry partners to address the incident, particularly concerning affected critical infrastructure sector organizations.

Sisense boasts an extensive clientele that includes Air Canada, PagerDuty, Philips Healthcare, Skullcandy, Verizon, and thousands of other organizations worldwide.

Initial reports of the incident surfaced on Wednesday following the disclosure by Sisense’s Chief Information Security Officer Sangram Dash, who advised customers to “rotate any credentials that you use within your Sisense application,” as detailed by cybersecurity journalist Brian Krebs.