RSA has warned customers of a security breach that may have compromised its SecurID two-factor authentication system, which is widely used by banks around the world to protect their internal and customer-facing online banking systems.
In an open letter to customers, RSA executive chairman Art Coviello says that the company recently detected an Advanced Persistent Threat attack that resulted in information related to its SecurID two factor authentication products being extracted from its systems.
SecurID tokens are used by an estimated 40 million employees of large corporations and organisations. They generate a random six-digit number which is used alongside a standard user name and password to authenticate access to online networks.
Covellio says: "While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack."
The letter does not identify exactly what data was stolen, but industry experts fear that the attack focused on accessing the core seed database of individual SecurID tokens.
Coviello says the company is actively working with customers to provide "immediate steps for them to take to strengthen their SecurID implementations".
"Our first priority is to ensure the security of our customers and their trust," the letter continues. "We are committed to applying all necessary resources to give our SecurID customers the tools, processes and support they require to strengthen the security of their IT systems in the face of this incident. Our full support will include a range of RSA and EMC internal resources as well as close engagement with our partner ecosystems and our customers' relevant partners."
He goes on to note that APT threats are becoming a significant challenge for all large corporations.
"As appropriate, we will share our experiences from these attacks with our customers, partners and the rest of the security vendor ecosystem and work in concert with these organizations to develop means to better protect all of us from these growing and ever more sophisticated forms of cyber security threat."