Almost 24 hours from the original notification, and no information available yet?...

Thank you for your patience everyone. We are still working on the communication and will have it out as soon as possible. 

Is this only affected to sisense cloud customers?.. does it affect self hosted customers?

I find it utterly ridiculous that we still have not received an answer to the most basic question : DOES THIS AFFECT SELF-HOSTED CUSTOMERS? We asked the question more than 24 hours ago and were given a generic cryptic "please refer to our FAQ".

Well here I am... in your FAQ, and I still cannot find an answer. Please follow the most basic incident response protocol and help your customers identify if they're affected by your security incident.

Thank you for your feedback, and I understand your frustration. I am communicating your concerns to our internal teams and I will share more information as soon as possible.

How does this affect customer database credentials? Does it mean that our credentials have been exposed and hence, someone could potentially log in to our database instance?

My organization is also looking to find out how this happened, what actually happened, and what is being done to prevent a further incident in the future.

Please let us know if you have any update if this impacts self hosted customers.

Please let us know if it affects self hosted customers.

Is there any update or is there going to be an official statement with more detail released from Sisense soon? This is a potential huge deal for our organizational membership and we need our questions answered ASAP.

We received an email about the impact is with my.sisense.com. Is the app.periscope.com got compromised as well? Since Sisense purchased Periscope.

Regarding our data-source passwords that are stored directly in the self-hosted environments, we were told that we have to update these passwords.  Are they somehow being sent back to Sisense and if so, what purpose would Sisense have for logging these? I understand this would be the case if we had signed up for the Sisense on-premise's environment, but we didn't. 

I'm not sure the latest response was worthy of interupting my Sunday as the CEO seemed to simply read out the statement already on the FAQ.  It may be of interest to others that the NCSC in the UK have alerted us that that the incident may have started on or around the 5th April.  This wording was included in their notification to us:

"The NCSC has received credible information to suggest that database credentials belonging to your
organisation may have been obtained by a cyber criminal group through the suspected compromise of
Sisense. We believe this activity is may have started around the 5th April 2024."

I keep on seeing mention of an "FAQ". Where is this? Was it was only sent out via email, or is there an actual FAQ page somewhere? My company's in a bit of a unique position in that we're not direct Sisense customers, and instead we use it in a roundabout 3rd party way, so we never received any emails. I'm trying to get more information about how this whole thing impacts us, but I've tried looking around on the Sisense website and in the community and I'm not finding anything. Maybe I've just missed it, but if so, I'd appreciate someone posting a link. (Side note: assuming I haven't  missed it....why is this incident seemingly not mentioned anywhere on the main Sisense website? I understand this is maybe embarrassing, so maybe you wouldn't plaster it right on the main page, but still, shouldn't there at least be a press release about this or something?)