RSA offers to replace all SecurID tokens after hack attack
"We recognize that the increasing frequency and sophistication of cyber attacks generally, and the recent announcements by Lockheed Martin, may reduce some customers' overall risk tolerance," RSA wrote in a letter posted on its website.
A 'very serious' attack: SecurID tokens use a "two-factor" authentication method, meaning they require two separate, unique bits of secret data for a successful login. In addition to their username, users must enter a password or PIN number that they have memorized, plus the six-digit number currently displayed on their SecurID. The tokens display a new number every 60 seconds.
"This is a very serious hack," said Josh Daymont, principal at Securisea. "It's not known exactly what was compromised, but SecurIDs control a significant portion of access [for corporate America]. It's not just Lockheed that should be concerned."
No comments:
Post a Comment