Security vendor RSA has admitted that hackers breached its systems, extracting undisclosed product information on its widely-used SecurID two-factor authentication tokens.
Australian RSA customers included Telstra's directories business Sensis, insurer Allianz Australia and Virgin Blue.
Chief executive officer Art Coviello wrote to his blog that it had begun "an extensive investigation" and was working with authorities after the "extremely sophisticated cyber attack" was detected.
"While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack," Coviello wrote.
"We are very actively communicating this situation to RSA customers and providing immediate steps for them to take to strengthen their SecurID implementations."
Coviello said RSA was throwing staff and channel partner resources at customers "to ensure their security and trust".
He said that customer and employee data had not been compromised, nor had any other systems owned by RSA's parent EMC.
RSA said its SecurID tokens were the "gold standard in two-factor user authentication" and that they were the "choice of over 25,000 customers worldwide".
Copyright © iTnews.com.au . All rights reserved.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.