In a recent breach, Sisense, a prominent business analytics software company used by over 2,000 global companies across various sectors, has suffered a compromise that potentially exposed their customers to a supply chain attack. The breach prompted the Cybersecurity and Infrastructure Security Agency (CISA) to issue an alert urging Sisense customers to reset their credentials and report any suspicious activity.

Details regarding the attack remain unclear, but according to a source familiar with the investigation, the breach may have provided the attacker with access to Sisense customer networks, opening a door into their systems. The number of companies at risk and the identity of the attacker have not been disclosed at this time.

CISA stated in their advisory that they are cooperating with private industry partners to address the compromise, which was discovered by independent security researchers. As a precautionary measure, Sisense customers are advised to reset credentials that may have been exposed or used to access Sisense services. They are also encouraged to report any suspicious activity related to their credentials to CISA.

Renowned cybersecurity researcher Marc Rogers emphasized the severity of the breach, cautioning both current and former Sisense customers not to underestimate the risk. Rogers highlighted that Sisense has access to confidential data sources belonging to their customers, and the breach included the compromise of tokens and credentials used for that access. He stressed the importance of treating this event as extremely serious due to the sensitive nature of the compromised information.

Sisense customers received an email alert, notifying them of the potential exposure of certain Sisense company data on a restricted access server. The email urged customers to promptly rotate any credentials used within their Sisense application.

As of now, there is no indication that networks of Sisense's high-profile clients, such as Verizon, Air Canada, and Nasdaq, were affected by the breach.

The targeting of software as a service platforms for supply chain attacks is a tactic commonly observed in both state-backed operations and financially motivated criminal attacks. In previous incidents, attacks on other platforms resulted in compromised data from thousands of companies and millions of individuals.

Sisense, however, has not responded to multiple requests for comment regarding the breach.

Update: This article has been updated to include comments from cybersecurity researcher Marc Rogers.

Note: The dates mentioned in the original text are inconsistent, so I have omitted including them in the article.