Sisense Customer Data Compromise

Share :

On 11 April 2024, CISA issued an cybersecurity advisory disclosing a compromise of customer data from Sisense. The previous day, cybersecurity journalist Brian Krebs had published an email sent to Sisense customers by the company’s CISO. The specific details of the compromise have not been made public at this time. Furthermore, Arctic Wolf has not observed any malicious activities conducted by threat actors using compromised credentials from Sisense. 

Sisense is a business intelligence firm which produces software with features for analysis and visualisation of datasets for decision-making. The company integrates with various platforms such as CRM applications, analytics platforms, databases, APIs, and numerous other applications. 

While the extent of this compromise is not fully known, Arctic Wolf strongly recommends that organisations using Sisense rotate credentials and secrets for applications using their services, in line with the guidance provided by CISA. CISA emphasises that they are actively collaborating private industry partners to respond to this incident, as there is a connection to impacted critical infrastructure sector organisations. 


Recommendation: Reset Credentials and Secrets 

CISA urges Sisense customers to reset any credentials and secrets (e.g., API Keys) that may have been exposed to or utilised for accessing Sisense services. 


Picture of Andres Ramos

Andres Ramos

Andres Ramos is a Threat Intelligence Researcher at Arctic Wolf with a strong background in tracking emerging threats and producing actionable intelligence for both technical and non-technical stakeholders. He has a diverse background encompassing various domains of cyber security, holds a degree in Cybersecurity Engineering, and is a CISSP.
Share :
Table of Contents