Sisense breach exposes customers to potential supply chain attack | CyberScoop<\/title> <meta name=\"description\" content=\"The Cybersecurity and Infrastructure Security Agency is urging Sisense customers to reset credentials and report any suspicious activity.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/sisense-supply-chain-breach\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Sisense breach exposes customers to potential supply chain attack\"> <meta property=\"og:description\" content=\"The Cybersecurity and Infrastructure Security Agency is urging Sisense customers to reset credentials and report any suspicious activity.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/sisense-supply-chain-breach\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-04-11T13:26:39+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/sisense-breach-exposes-customers-to-potential-supply-chain-attack-1.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1280\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"eliasgroll\"> <meta name=\"twitter:card\" content=\"summary_large_image\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1712698253g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress-next\/dist\/css\/related-posts-block-styles.min.css?m=1712258582g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1711866546g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=74528d75ce0daeb8628a\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/80094\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.5.2\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=80094\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fsisense-supply-chain-breach%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fsisense-supply-chain-breach%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-80094 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/sisense-supply-chain-breach\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"24.30310880829\">\n<div class=\"single-article__header-content\" readability=\"29.815384615385\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/cybersecurity\/\"> <span>Cybersecurity<\/span> <\/a> <\/li>\n<\/ul>\n<p> The Cybersecurity and Infrastructure Security Agency is urging Sisense customers to reset credentials and report any suspicious activity. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/sisense-breach-exposes-customers-to-potential-supply-chain-attack.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/sisense-breach-exposes-customers-to-potential-supply-chain-attack-1.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/sisense-breach-exposes-customers-to-potential-supply-chain-attack-1.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/sisense-breach-exposes-customers-to-potential-supply-chain-attack-1.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/sisense-breach-exposes-customers-to-potential-supply-chain-attack-1.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/sisense-breach-exposes-customers-to-potential-supply-chain-attack-1.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/sisense-breach-exposes-customers-to-potential-supply-chain-attack-1.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/sisense-breach-exposes-customers-to-potential-supply-chain-attack-1.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/sisense-breach-exposes-customers-to-potential-supply-chain-attack-1.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/sisense-breach-exposes-customers-to-potential-supply-chain-attack-1.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/sisense-breach-exposes-customers-to-potential-supply-chain-attack-1.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> An opened orange lock stands out against a suite of locked green locks in this photo illustration. (MirageC via Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"33.384517766497\"><body readability=\"68.650049850449\"><\/p>\n<p>Sisense, a business analytics software company whose clients make up a who\u2019s-who of the business world, recently suffered a compromise that prompted U.S. cybersecurity authorities to issue an alert Thursday warning the firm\u2019s customers of the issue. <\/p>\n<p>Although the details of the attack are not yet clear, the breach may have exposed hundreds of Sisense\u2019s customers to a supply chain attack and provided the attacker with a door into the company\u2019s customer networks, a source familiar with the investigation told CyberScoop.<\/p>\n<p>It\u2019s also not yet clear how many companies are at risk, whether the attackers accessed Sisense customer networks, nor who carried out the attack. <\/p>\n<p>The Cybersecurity and Infrastructure Security Agency <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2024\/04\/11\/compromise-sisense-customer-data\">said in an advisory<\/a> Thursday that it \u201cis collaborating with private industry partners to respond to a recent compromise discovered by independent security researchers impacting Sisense.\u201d <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The alert recommends that Sisense customers reset credentials \u201cpotentially exposed to, or used to access, Sisense services,\u201d as well as report to CISA any suspicious activity involving credentials exposed to or used to access Sisense services.<\/p>\n<p>An email alert sent to Sisense customers late Wednesday that was viewed by CyberScoop said the company was \u201caware of reports that certain Sisense company information may have been made available on what we have been advised is a restricted access server (not generally available on the internet).\u201d <\/p>\n<p>The alert urged customers \u201cto promptly rotate any credentials that you use within your Sisense application.\u201d<\/p>\n<p>Sisense did not respond to multiple requests for comment Wednesday.<\/p>\n<p>Sisense is used by more than 2,000 global companies operating in the finance, health care, retail, manufacturing, media and entertainment, marketing and technology sectors, according to the company\u2019s website. Its clients include Verizon, Air Canada and Nasdaq, among others, although there\u2019s no indication yet that any of those companies\u2019 networks were exposed in the attack. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Targeting software as a service platforms is a tactic abused by both state-backed operations and criminal, financially motivated attacks. <\/p>\n<p>A <a href=\"https:\/\/cyberscoop.com\/3cx-supply-chain-north-korea\/\">2023 operation linked to North Korea<\/a>, for instance, targeted the 3CX video conferencing and online communications platform, which had been compromised after one of that company\u2019s employees downloaded a compromised version of the financial trading software X_Trader. In another example from 2023, <a href=\"https:\/\/www.wired.com\/story\/moveit-breach-victims\/\">attackers leveraging the CL0P ransomware variant<\/a> targeted vulnerabilities in the MOVEit file transfer software to eventually compromise thousands of companies and obtain data on potentially tens of millions of people.<\/p>\n<p>In another instance, attackers linked to a nebulous cybercrime ecosystem known as Scattered Spider managed to use access and customer credentials for the <a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2023-09-16\/mgm-resorts-hackers-broke-in-after-tricking-it-service-desk\">authentication platform Okta<\/a> to target multiple international companies, <a href=\"https:\/\/www.reuters.com\/technology\/hackers-who-breached-casino-giants-mgm-caesars-also-hit-3-other-firms-okta-says-2023-09-19\/\">including<\/a> MGM Resorts and Caesars Entertainment.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"0.37323943661972\">\n<div class=\"author-card\" readability=\"7\">\n<p><h4 class=\"author-card__name\">Written by AJ Vicens and Tim Starks<\/h4>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Geopolitics<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/sisense-supply-chain-breach\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sisense breach exposes customers to potential supply chain attack |<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1036,78,452,281,649],"tags":[1040,86,454,285,652],"class_list":["post-3039","post","type-post","status-publish","format-standard","hentry","category-breach","category-cybersecurity","category-cybersecurity-and-infrastructure-security-agency-cisa","category-hacking","category-supply-chain-security","tag-breach","tag-cybersecurity","tag-cybersecurity-and-infrastructure-security-agency-cisa","tag-hacking","tag-supply-chain-security"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/breach\/\" rel=\"category tag\">breach<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency-cisa\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/hacking\/\" rel=\"category tag\">hacking<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/supply-chain-security\/\" rel=\"category tag\">supply chain security<\/a>","tag_info":"supply chain security","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/3039","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=3039"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/3039\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=3039"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=3039"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=3039"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":3039,"date":"2024-04-11T08:26:39","date_gmt":"2024-04-11T13:26:39","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=80094"},"modified":"2024-04-11T08:26:39","modified_gmt":"2024-04-11T13:26:39","slug":"sisense-breach-exposes-customers-to-potential-supply-chain-attack","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/04\/11\/sisense-breach-exposes-customers-to-potential-supply-chain-attack\/","title":{"rendered":"Sisense breach exposes customers to potential supply chain attack"},"content":{"rendered":"