EMC's RSA Security division was the target of a recent sophisticated cyber attack which could have led to "certain information being extracted from RSA's system" wrote RSA's Executive Chairman Art Coviello in an open letter published late on Thursday. The information is specific to the company's well-known SecurID two-factor authentication products, and Coviello emphasized that the company has no evidence that security related to other products was affected.

SecurID is used by about 25,000 corporations to provide an added level of security, and this break-in is a major embarrassment to parent company EMC, also a premium security vendor, observed The Wall Street Journal. For now, RSA says it is "confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers," though it warned that "this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack."

The truth is that the statements do not offer sufficient detail for corporations to react to; it is also possible that RSA is unable to conclusively determine the full extent of what was pilfered. The company says it is reaching out to customers to provide "immediate steps for them to take to strengthen their SecurID implementations."

For more on this story:
- read the open letter from RSA
- check out this article at PC World
- check out this article at WSJ

Related Articles:
RSA study: More IT decisions are influenced by users 
RSA report: Compliance risks, costs are on the rise