RSA Suffers Data Security Breach

Security company RSA has taken full responsibility for a security breach which may have left details of its two-tier authentication products in the hands of hackers.

In an open letter written to the company's customers, it explained that the token system that generates a unique code granting access to sensitive networks such as banks and governments could be compromised as a result.

"The attack resulted in certain information being extracted from RSA's systems," executive chairman Art Coviello said. "Some of that information is specifically related to RSA's SecurID two-factor authentication products.

"While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack."

According to RSA, the attack fell into the category of "Advanced Persistent Threat" and the company warned customers they should take "immediate action".

In a note to security professionals, RSA recommended a string of measures that customers should take to ensure hackers couldn't exploit the information gained in the attack.

print this article

Return to security news headlines
View Security News Archive

Share with: