Type
Incident
Actors
Unknown
Pub. date
April 11, 2024
Initial access
Unknown
Impact
Data exfiltration
Observed techniques
Credential harvesting from code repository
Targeted technologies
GitLab
References
https://krebsonsecurity.com/2024/04/why-cisa-is-warning-cisos-about-a-breach-at-sisense/https://www.cisa.gov/news-events/alerts/2024/04/11/compromise-sisense-customer-data
Status
Finalized
Last edited
Jun 2, 2024 8:02 AM
An unknown threat actor gained access to a self-hosted Gitlab instance used by Sisense, which stored credentials for an S3 bucket containing customer access tokens, passwords and SSL certificates.