Sisense Data Compromise: ARC Labs Intelligence Flash | Binary Defense

Sisense Data Compromise: ARC Labs Intelligence Flash | Binary Defense


ARC Labs and Binary Defense are actively monitoring a compromise of data associated with Sisense, a company that provides data analytic product and services. At this point, it is unknown if the Sisense’s network was compromised but independent researchers and government organizations indicate that data impacting Sisense has been discovered outside of an authorized space. Given the design of Sisense business model which provides companies the ability to integrate data analytics into various product and services in a modular fashion, the potential data exposure could be larger than those who directly work with Sisense.

The Sisense platform is designed to integrate customized analytics into applications, products, and services. Sisense also offers an SDK enabling developers to integrate Sisense analytics into various technology, tools, and platforms.

According to the Sisense website, Sisense has partnerships with various large software and product vendors indicating that organizations may be impacted by this data compromise through the integration of Sisense by a vendor into their product and services potentially.

As new information is released regarding the incident, ARC Labs and Binary Defense will make updates.

Recommend Immediate Action:

  1. Perform an investigation to determine whether your organization uses Sisense directly or indirectly through an integration/implementation within a third-party product or service.
  2. Reset any Sisense credentials (passwords, api keys, tokens, etc), including customer/partner portal access.
  3. Reset credentials (passwords, api keys, tokens, etc) to any product/service that leverages or is exposed to Sisense services.
  4. If you are using Sisense directly or indirectly, perform an audit of April activity associated with the user accounts and identities exposed to Sisense services and investigate any suspicious activity.

References:

https://www.cisa.gov/news-events/alerts/2024/04/11/compromise-sisense-customer-data



Source link
lol

ARC Labs and Binary Defense are actively monitoring a compromise of data associated with Sisense, a company that provides data analytic product and services. At this point, it is unknown if the Sisense’s network was compromised but independent researchers and government organizations indicate that data impacting Sisense has been discovered outside of an authorized space.…

Leave a Reply

Your email address will not be published. Required fields are marked *