Wednesday, March 16, 2011

RSA Reports Attack on its SecurID Two-factor Authentication

RSA's own security systems have been the victim of an extremely sophisticated cyber attack and this possibly compromises its two-factor, SecurID Authentication product.

In an open letter to customers, RSA's Executive Chairman, Art Coviello, said that the attack penetrated its system and that certain information specifically related to its SecurID two-factor authentication products was extracted.

RSA believes the information extracted does not enable a successful direct attack on any of its RSA SecurID customers. However, the company warns that this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack.

The company does not believe its customers' security related to other RSA products has been similarly impacted.