Marc Rogers 🥜 👋🏼 ⚠️
The nature of sisense is they require access to their customers confidential data sources. They have direct access to JDBC connections, to SSH tunnels, and to SaaS platforms like Salesforce and many more. It also means they have tokens, credentials, certificates often upscoped. 1/2
Apr 11, 2024 at 5:05pmWeb
Show threadMarc Rogers 🥜 👋🏼 ⚠️Apr 11, 2024
The data stolen from sisense contained all these tokens, credentials and access configurations. This is a worst case scenario for many sisense customers. These are often literally the keys to their kingdoms. Treat as an EXTREMELY serious event. 2/2
Show threadhappyborgApr 12, 2024
@cj and yet they stored this as plaintext.