|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Cryptocurrency News Articles
Sisense Data Breach Compromises Credentials for Critical Infrastructure Sector
Apr 12, 2024 at 08:08 am
The Cybersecurity and Infrastructure Security Agency (CISA) is investigating a breach at Sisense, a business intelligence company that allows companies to track multiple third-party online services. Sisense has urged customers to reset any credentials and secrets shared with the company, advising caution and the rotation of any credentials used within the Sisense application.

Cybersecurity Breach at Sisense: Critical Infrastructure Sector Organizations Impacted
The United States Cybersecurity and Infrastructure Security Agency (CISA) has initiated an investigation into a data breach at business intelligence company Sisense. Sisense's products enable businesses to monitor the status of various external online services through a centralized dashboard.
CISA has strongly advised all Sisense customers to reset any credentials and secrets shared with the company, a recommendation previously issued by Sisense on April 10th.
Sisense, headquartered in New York City, boasts over a thousand customers across multiple industries, including finance, telecommunications, healthcare, and higher education. On April 10th, Sangram Dash, Sisense's Chief Information Security Officer, informed customers of reports indicating that "certain Sisense company information may have been made available on what we have been advised is a restricted access server."
"We are treating this matter with the utmost seriousness and have promptly commenced an investigation," Dash stated. "We have enlisted industry-leading experts to aid in our investigations. Our business operations have not been interrupted by this incident. However, as a precautionary measure, we strongly urge you to immediately change any credentials you use within your Sisense application."
CISA's advisory acknowledges its collaboration with private industry partners in response to the incident, particularly considering the potential impact on critical infrastructure sectors. CISA pledged to provide updates as more information becomes available.
Sisense declined to comment when contacted about the accuracy of information shared by reliable sources close to the investigation. These sources indicate that the breach likely originated with the attackers' access to Sisense's Gitlab code repository. Within this repository, a token or credential provided the attackers access to Sisense's Amazon S3 buckets in the cloud.
Sources further revealed that the attackers utilized their S3 access to exfiltrate terabytes of Sisense customer data, reportedly including millions of access tokens, email account passwords, and even SSL certificates.
This incident raises concerns about Sisense's safeguards for protecting sensitive customer data, particularly regarding whether the large volume of stolen data was encrypted while stored on Amazon cloud servers.
Crucially, the breach has compromised all credentials that Sisense customers used within their dashboards.
The incident also highlights the limited scope of Sisense's remediation actions on behalf of customers. Access tokens are essentially text files that enable extended login sessions, sometimes indefinitely. Depending on the service, attackers may be able to reuse these tokens to impersonate victims without presenting valid credentials.
Beyond resetting passwords, Sisense customers must assess their individual circumstances and determine whether to change passwords for third-party services previously integrated with Sisense.
Following the incident, a public relations firm representing Sisense inquired about KrebsOnSecurity's plans for further updates. Sisense requested an opportunity to provide comments before publication.
However, after being confronted with details provided by sources, Sisense reportedly changed its position. "After consulting with Sisense, they have told me that they don't wish to respond," the PR representative stated via email.
Update, 6:49 p.m., ET:
It has been clarified that Sisense utilizes a self-hosted version of Gitlab, not the cloud version managed by Gitlab.com.
Sisense's CISO, Dash, has issued a detailed update to customers. The revised guidance includes resetting access tokens across various technologies, such as Microsoft Active Directory credentials, GIT credentials, web access tokens, and single sign-on (SSO) secrets or tokens.
Dash's full message to customers is as follows:
"Good Afternoon,
We are following up on our prior communication of April 10, 2024, regarding reports that certain Sisense company information may have been made available on a restricted access server. As noted, we are taking this matter seriously and our investigation remains ongoing.
Our customers must reset any keys, tokens, or other credentials in their environment used within the Sisense application.
Specifically, you should:
- Change Your Password: Change all Sisense-related passwords on http://my.sisense.com
Non-SSO:
- Replace the Secret in the Base Configuration Security section with your GUID/UUID.
- Reset passwords for all users in the Sisense application.
- Logout all users by running GET /api/v1/authentication/logout_all under Admin user.
Single Sign-On (SSO):
- If you use SSO JWT for the user's authentication in Sisense, you will need to update sso.shared_secret in Sisense and then use the newly generated value on the side of the SSO handler.
- We strongly recommend rotating the x.509 certificate for your SSO SAML identity provider.
- If you utilize OpenID, it's imperative to rotate the client secret as well.
- Following these adjustments, update the SSO settings in Sisense with the revised values.
- Logout all users by running GET /api/v1/authentication/logout_all under Admin user.
- Customer Database Credentials: Reset credentials in your database that were used in the Sisense application to ensure continuity of connection between the systems.
- Data Models: Change all usernames and passwords in the database connection string in the data models.
- User Params: If you are using the User Params feature, reset them.
- Active Directory/LDAP: Change the username and user password of users whose authorization is used for AD synchronization.
- HTTP Authentication for GIT: Rotate the credentials in every GIT project.
- B2D Customers: Use the following API PATCH api/v2/b2d-connection in the admin section to update the B2D connection.
- Infusion Apps: Rotate the associated keys.
- Web Access Token: Rotate all tokens.
- Custom Email Server: Rotate associated credentials.
- Custom Code: Reset any secrets that appear in custom code Notebooks.
If you need any assistance, please submit a customer support ticket at https://community.sisense.com/t5/support-portal/bd-p/SupportPortal and mark it as critical. We have a dedicated response team on standby to assist with your requests.
At Sisense, we give paramount importance to security and are committed to our customers' success. Thank you for your partnership and commitment to our mutual security.
Regards,
Sangram Dash
Chief Information Security Officer"
Disclaimer:info@kdj.com
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.
-
-
- Consensus 2026 Miami: Web3, Blockchain, Cryptocurrency, NFTs, Metaverse, Conference, May 5th — Where Wall Street Meets the Digital Frontier
- May 01, 2026 at 11:27 pm
- Miami buzzes as Consensus 2026 approaches on May 5th, highlighting Web3, blockchain, crypto, NFTs, and the metaverse's shift from hype to institutional and sustainable reality.
-
-
- Bitcoin Miners Electrify the Grid: Ohio Gas Plant Acquisition Powers Up a New Era for Digital Gold
- Apr 30, 2026 at 10:38 pm
- The Bitcoin mining industry is undergoing a significant transformation, with major players aggressively expanding operations and strategically acquiring energy assets like Ohio gas plants to solidify their future in the digital economy.
-
-
- Solana's Slippery Slope: Price Prediction Points to Resistance Loss and Potential Further Drops
- Apr 30, 2026 at 09:08 pm
- Solana is struggling to break key resistance, signaling potential downside. Repeated rejections at $86-$88, coupled with a broken short-term pattern, point to targets as low as $67, or even $40, as sellers maintain control. Investors should watch critical support levels closely.
-
-
- NYC's New Beat: Staking Systems, USD1, and Governance Drive Crypto's Next Wave
- Apr 30, 2026 at 03:02 pm
- From lucrative USD1 earning events to robust governance models, the crypto sphere is buzzing with innovations reshaping how we engage with digital assets, focusing on long-term commitment and stablecoin utility.
-
- OKX Unveils Agent Payments Protocol: Ushering in a New Era of AI Transactions
- Apr 30, 2026 at 02:53 pm
- OKX launches its Agent Payments Protocol (APP), an open standard for AI-driven commerce, enabling agents to manage full business cycles. Explore the implications for AI transactions and agentic payments.

































