Security company RSA has taken full responsibility for a security breach which may have left details of its two-tier authentication products in the hands of hackers.
In an open letter written to the company's customers, it explained that the token system that generates a unique code granting access to sensitive networks such as banks and governments could be compromised as a result.
"The attack resulted in certain information being extracted from RSA's systems," executive chairman Art Coviello said. "Some of that information is specifically related to RSA's SecurID two-factor authentication products.
"While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack."
According to RSA, the attack fell into the category of "Advanced Persistent Threat" and the company warned customers they should take "immediate action".
In a note to security professionals, RSA recommended a string of measures that customers should take to ensure hackers couldn't exploit the information gained in the attack.
Return to security news headlines
View Security News Archive