40M Put At Risk From 'Advanced Persistent Threat' Attacks Responsible for RSA SecurID Breach

Security company RSA, The Security Division of EMC Corp's information storage, has been the target of a malicious attack from hackers attempting to steal vast amounts of data. The hackers stole valuable information regarding the company's two-factor authorization system, a system developed to prevent unauthorized access to customers.

The stolen information could teach the cybercriminals how to bypass RSA's SecurID products. Since such products are used by so many companies, including the Department of Defense, this crime could have major security consequences. Not only will the RSA be on the quest for a solution but US Government officials may be conducting their own investigation in this breach incident.

President of RSA, Art Coviello, maintains that the company is working to strengthen the security of the SecurID products.

In a letter to customers, Coviello wrote "While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack."

It is believed that up to 40 million authentication tokens, used by millions of government and bank employees, was stolen in the recent breach potentially putting customers at risk. RSA believes that all employee and customer information was untouched by the hackers. While RSA deals with the problem, the company recommends that customers take additional security measures, such as "enforce strong password and pin policies." The attack has been categorized as an Advanced Persistent Threat (APT), one that does not enable direct extraction of data from the RSA SecurID customers.

In today's world hacking has become a commonplace epidemic. We have witnessed security breaches range from Hotel credit card processing systems to severs that harbor student loan data. It is evident from recent attacks that hackers are ruthless when it comes to compromising data. It may seem rather petty, but we can all do our part in protecting our own personal data starting with home and work PCs. Simply installing antivirus or antispyware software is a good first step to take.

Do you honestly believe that your personal data stored on various online systems is relatively safe from data breaches?