Request a demo

Security Breach at Sisense: A Comprehensive Overview 

Shiran Rachman May 6, 2024
Link copied to clipboard
Back

Breach Details

In April 2024, Sisense, established in 2004 to offer business intelligence and data analytics software, suffered a significant data breach. The breach involved unauthorized access to Sisense’s GitLab code repository, which led to the exfiltration of data from Sisense’s Amazon S3 accounts. This breach has been described as one of the most severe in recent times, potentially affecting millions of credentials. 

Implications 

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken an active role in addressing this breach due to its potential to initiate a massive supply chain attack that could affect thousands of companies globally. The breach highlights critical vulnerabilities in software products and the growing interest of attackers in targeting such infrastructure. 

Call to Action 

In response to the breach, Sisense’s CISO has issued urgent recommendations for all customers to rotate any credentials used within their Sisense applications immediately (see the original message) 

Customers should also reset API keys and look for unusual activity starting from April 5th, 2024. Users must act quickly to mitigate further risks. 

How Suridata Could Have Helped 

In this incident, Suridata could have mitigated the risk significantly by:  

  • Securing access to Gitlab using IP based controls 
  • Ensuring that all users access requires MFA and that there are no exceptions 
  • Configuring and scanning to confirm that there is no committing of credentials into code  
  • Restrict AWS API key usage by IP Address 
  • Making sure that client information is encrypted at rest 
  • Detect Sisense as a shadow SaaS / third-party app connected to core business applications.

Conclusion 

The Sisense data breach serves as a critical reminder of the importance of enhanced SaaS security practices, especially in safeguarding interconnected applications and third parties. Companies must stay proactive in their security strategies to protect their data and maintain trust with their customers and partners. 

Shiran Rachman

Product Lead

Back to list

Watch also

Request Sent

Thank you for your interest.
We will get back to you soon.