The cyber-thieves may have snagged sufficient information to crack the RSA Token security.
Per RSA Executive Chairman Art Coviello:
“Some of that information is specifically related to RSA’s SecurID two-factor authentication products. While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack.”
Holy schnikies!
Per the Washington Post:
“Forty million SecurID tokens are in use in more than 30,000 companies and government agencies worldwide.”
Something tells me between the coming lawsuits, potential class action lawsuits, costs to replace and mass RSA outrage and firings it is about to get really, really ugly.
Might I recommend, from News.com:
What the RSA Breach Means For You (FAQ)
Thoughts?
Tags: Rossin, RSA, SecurID, Todd, Todd Rossin, two-factor authentication
[...] on May 24th is having resounding fallout in the form of hacking using cloned devices. When we first blogged about the hack the question was what did the hackers actually make off with and was it enough to [...]