Categorizing the attack as an Advanced Persistent Threat - a term that is often associated with corporate espionage and state sponsored attacks - he said that their investigation revealed that the information extracted from the company systems is related to its SecurID two-factor authentication products, which are widely used by government agencies, private companies and other large organizations to add an additional layer of security for when employees log into their companies' networks.
"While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack," said Coviello. "We have no evidence that customer security related to other RSA products has been similarly impacted. We are also confident that no other EMC products were impacted by this attack."
He made sure to point out that customer or employee personally identifiable information has not been compromised, and that they are working with their customers to strengthen the security of their IT systems.
No further details about the incident have been revealed at this time, since the investigation is also mounted by the authorities - very likely by government security agencies. The lack of definite information has resulted in widespread speculation on the Internet.
According to ZDNet, security expert Dan Kaminsky says that it is not impossible that the database that links SecurID serial numbers to seeds (card's factory-encoded random key) has been compromised, which would mean that the attackers would be able to know all generated tokens at any given time and even know which organizations are using them.
Until more details are known, he advises administrators to be on the lookout for unusual use of SecurID on external-facing interfaces.
RSA also issued a set of rather broad recommendations for its customers, but offered no specific details about the compromise.
EMC says it doesn't expect the company to suffer any financial repercussions following the breach, but it seems a little too optimistic since SecurID currently commands around 70% of the two-factor authentication market, and is a major source of revenue for RSA.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.