The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating a breach at Sisense, a business intelligence company that provides products for monitoring multiple online services. CISA advised all Sisense customers to reset any credentials shared with the company, echoing advice given by Sisense’s Chief Information Security Officer, Sangram Dash.

Sisense, based in New York City, serves over a thousand customers across various industries. The breach involves unauthorized access to Sisense’s Gitlab code repository, leading to compromised credentials that granted access to the company’s Amazon S3 buckets. Attackers exfiltrated terabytes of customer data, including access tokens, email account passwords, and SSL certificates.

The incident highlights concerns about data protection measures at Sisense and the potential for attackers to reuse stolen access tokens. Customers are advised to reset passwords and credentials for various services, including Microsoft Active Directory, GIT, single sign-on (SSO), database connections, and more.

Sisense’s response to the breach involves detailed instructions for customers to reset credentials and update security settings across multiple technologies. The company emphasizes its commitment to security and offers assistance to affected customers through its support channels.

Sangram Dash, Sisense’s Chief Information Security Officer, reiterates the company’s dedication to customer security and urges cooperation in addressing the breach.