Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

The RSA hack FAQ

Tim Greene | March 18, 2011
In the aftermath of RSA saying that its SecureID two-factor authentication tokens may have been compromised in a data breach of the company's network, here are some key questions and answers about the situation.

How did the hackers get in?

RSA is describing the attack as an advanced persistent threat, but isn't detailing what happened.

When will they?

It's not clear that they ever intend to: "As appropriate, we will share our experiences from these attacks with our customers, partners and the rest of the security vendor ecosystem and work in concert with these organizations to develop means to better protect all of us from these growing and ever more sophisticated forms of cybersecurity threat."

How did RSA react when it discovered the breach?

The company says in a statement that it took aggressive measures against the attack and hardened its IT infrastructure. It says it has also investigating and has notified appropriate authorities. It doesn't detail the measures, hardening efforts or who the authorities are.

When did this happen?

"Recently" is the closest RSA comes to telling. The company notified the Securities and Exchange Commission yesterday, and is reported to have been working with government customers on the fallout for more than a week.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.