At Hyperproof, safeguarding our customers’ data is our utmost priority. We understand the importance of trust and transparency, especially in moments of uncertainty. On April 11, 2024, Hyperproof became aware of a breach of our former vendor, Sisense. Upon analysis, we discovered that Sisense had a breach of unknown impact, reportedly discovered on April 10, 2024. As part of this commitment to safety, we are taking proactive measures and want to outline the status of our relationship with Sisense.
Hyperproof officially terminated our relationship with Sisense on March 30, 2024 and removed the Sisense code from the Hyperproof code. However, we did identify a potential overlap with our data still existing at Sisense. Hyperproof is actively working with Sisense to determine the scope and impact, if any, the breach had on our data.
Timeline
March 28, 2024
Hyperproof removes Sisense code from production deployment coincidentally. These efforts were not tied to the breach.
March 30, 2024
As previously planned, Hyperproof’s contractual relationship with Sisense ends.
April 10, 2024
Sisense reportedly discovers the breach.
April 11, 2024
12:35pm EDT: Hyperproof is made aware of the breach through normal breach newsfeeds and a customer contact.
12:53pm EDT: Hyperproof reaches out to Sisense for full disclosure and impact.
1:26pm EDT: Hyperproof escalates for urgency and clarity with Sisense.
1:45-3:30pm EDT: Hyperproof does a due diligence security review of its production environment.
3:30pm EDT: Hyperproof is satisfied that there is no anomalous activity in the Hyperproof production environment.
4:21pm EDT: Hyperproof escalates to Sisense’s CEO for clarity on the event.
April 15, 2024
10:30am EDT: Hyperproof continues to monitor our deployment seen no evidence that any of our customers were impacted by the Sisense breach. Hyperproof continues to wait on Sisense for additional information, as they have provided no update since Thursday, April 11.
2:30pm EDT: Sisense provides Hyperproof with an updated timeline. Sisense changed the date of discovery of the breach from 4/10/2024 to 4/9/2024.
April 17, 2024
7:10 EDT: Sisense sends Hyperproof a notice that stated that certain Hyperproof service configuration data may have been impacted in the breach. Sisense also indicates that the breach may occurred as early as 4/5/2024 , a change from the last date of 4/9/2024.
7:45 EDT: Hyperproof determines that the items that were listed as compromised did not impact Hyperproof. Hyperproof had shutdown the Sisense connection on 3/28/2024, making the compromised data a non-factor. Hyperproof continues to monitor the information and push Sisense for more details. Any new information on the Sisense breach, as it pertains to Hyperproof and its customers, will be shared on this update page.
The impact on you
We are continuing to work with Sisense to get clarity on the impact of this event and analyze how it may or may not impact our customers. It’s important to note that Hyperproof was actively moving away from Sisense when the breach occurred. Hyperproof formerly used Sisense to provide analytics for our company roadmap, based upon a limited set of Hyperproof usage data. At no time was any customer-uploaded proof or control language shared with Sisense.
Have questions? Feel free to reach out.
If you have any questions concerning this security event and Hyperproof’s response, please send an email to [email protected]. We are happy to answer any questions.
Monthly Newsletter
Get the Latest on Compliance Operations.
