17 December 2017
visit www.ebaday.com

RSA SecurID hack costs EMC $66m; scammers target victims with malware plot

29 July 2011  |  11765 views  |  0 cash

The security breach at RSA earlier this year that compromised its SecurID two-factor authentication system has so far cost parent company EMC $66 million, according to the Washington Post.

In an earnings call this week discussing the company's second quarter results, EVP David Goluden, confirmed: "We incurred an accrued cost associated with investigating the attack, hardening our systems and working with customers to implement our remediation programs."

In total around $66 million has been spent as a result of the incident, including on transaction monitoring for worried corporate customers and replacements for firms that requested them, says the Post.

The company also revealed that it began alerting customers within hours of the attack and that it believes the target was defence and government agency information, not financial data.

Meanwhile, the fallout from the breach continues, with e-mail security specialist appriver claiming that a malware campaign has been launched targeting the owners of the 40 million SecurID Token user accounts compromised.

Appriver says messages are being sent out purportedly from RSA, warning that an "unsafe vulnerability" has been found in some token devices. Victims are asked to click on a link to what is supposedly a security scanner but is actually the infamous Zeus malware.

Another authentication outfit, SecurEnvoy has been quick to pick up on the scam and use it to attack its rival, with CTO Andrew Kemshall, claiming: "The success of this Zishing attack vector is the direct result of RSA inadequate and belated response to news of a break-in to its servers. Had the firm launched a better response as soon as the incident took place, then this infection campaign would not have any effect on users at all. It might also not have happened at all."

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Zeus makes move to investment fraud

Zeus makes move to investment fraud

27 April 2011  |  7414 views  |  0 comments
RSA hack explained: phishing and Flash flaw

RSA hack explained: phishing and Flash flaw

04 April 2011  |  12658 views  |  1 comments
Cybercrook peddles Zeus source code

Cybercrook peddles Zeus source code

24 March 2011  |  8992 views  |  0 comments
RSA hacked: SecurID two factor authentication data leaked

RSA hacked: SecurID two factor authentication data leaked

18 March 2011  |  17676 views  |  0 comments
US charges dozens over Zeus scam

US charges dozens over Zeus scam

01 October 2010  |  10012 views  |  1 comments
Zeus Trojan opens backdoor crack to two-factor SMS authentication

Zeus Trojan opens backdoor crack to two-factor SMS authentication

27 September 2010  |  13594 views  |  0 comments
Zeus Trojan steals £675,000 from UK bank

Zeus Trojan steals £675,000 from UK bank

10 August 2010  |  11907 views  |  0 comments

Related company news

 

Related blogs

Create a blog about this story (membership required)
visit www.response.ncr.comvisit www.ebaday.comvisit www.atos.net

Top topics

Most viewed Most shared
satelliteRipple completes XRP Lockup
10643 views comments | 3 tweets | 2 linkedin
PSD2: Laying the regulatory foundation for a new age in paymentsPSD2: Laying the regulatory foundation for...
10277 views comments | 18 tweets | 36 linkedin
Banks tap Ethereum smart contracts for MiFID II complianceBanks tap Ethereum smart contracts for MiF...
7635 views comments | 10 tweets | 10 linkedin
Banks and fintech startups join forces on blockchain-based supply chain pilotBanks and fintech startups join forces on...
7338 views comments | 19 tweets | 22 linkedin
hands typing furiouslyReshaping Customer Engagement & Da...
6756 views 0 | 4 tweets | 2 linkedin

Featured job

Competitive base, commission, benefits
London, UK

Find your next job