EMC: RSA SecurID info swiped via sophisticated hack attack

Company exec warns customers that stolen information could be used to more easily penetrate customers' systems

EMC issued a warning today that hackers have stolen information about its RSA SecurID two-factor authentication that could be used by cybercriminals to more easily breach customers' systems,

In an open letter, RSA executive chairman Art Coviello revealed that the information was stolen via an APT (advanced persistent threat) attack.

"While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, [it] could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack," he wrote.

[Master your security with InfoWorld's interactive Security iGuide. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter.]

RSA is a subsidiary of EMC; its SecurID system allows admins to configure, assign, and manage token-based authentication from a central site.

According to Coviello, RSA has found no signs that the hackers made off with any customer- or employee-specific data or any information about other RSA or EMC products.

The company is providing steps for customer to take to strengthen their SecurID implementations, according to Coviello; additionally, RSA and EMC are offering customers access to internal resources and to partners to help address the situation.

Further, the company is urging customers to follow steps outlined in a SecurCare Online Note. Notably, at the time of writing, RSA's SecurCare Online website was "experiencing issues [that] may prevent your registration from processing correctly."

Join the Computerworld Australia group on Linkedin. The group is open to IT Directors, IT Managers, Infrastructure Managers, Network Managers, Security Managers, Communications Managers.

More about: APT, EMC, RSA
References show all


Louis Leahy


As I stated in Computerworld’s sister publication CSO yesterday “Hackers learn a new trick to duck anti-phishing measures” tokens, certificates and sms arrangements will not stop breaches until the underlying authentication on which they rely is fixed. If the authentication is fixed then they will be very difficult to break as even with the token they still have to work out the credentials to access. Currently access to credentials is a relatively easy process as highlighted in the CSO story yesterday so that the issue in this story is a very big issue if the attackers get access to the details this leaves it open to them to imitate those details. At least RSA have the ethical integrity to warn their customers which we applaud but these problems are going to continue to exist until the authentication routines on every piece of software that relies on them are fixed or superseded. Our small company Armorlog has designed those routines and we have already demonstrated they work in a proof of concept version. We are now coding a commercial grade release. We hope continued focus by IDG and other responsible media on these issues will prompt leaders in the IT industry & Government and Industry leadership in general to start seriously looking at the solutions offered by small firms such as ours. We hope this will occur before a loss of confidence in internet commerce becomes a hurdle to its development for the general benefit of the global community.

Comments are now closed.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: intrusion, security, cyber crime, hacking, emc
All whitepapers

Telco deregulation: Price controls, phone sex on the table

Sign up now to get free exclusive access to reports, research and invitation only events.

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia