via ABC News
A U.S. cyber security company charged with protecting computers for the U.S. government and thousands of private clients has itself been the target of a hacking attack, potentially compromising the security of software used by the Department of Defense and major defense contractor Lockheed Martin.
While the U.S. government has been aware of the attack and working with the company on plugging the security breach for more than a week, according to sources familiar with the investigation, it was only Thursday that Massachusetts-based company RSA alerted the public. RSA, the security division of EMC, claims over 25,000 clients and 40 million users of its security token technology worldwide.
“Recently our security systems identified an extremely sophisticated cyber attack in progress being mounted against RSA,” said executive chairman Arthur Coviello in a statement posted on the company’s website and in a filing to the SEC notifying shareholders of an adverse event. “Our investigation also revealed that the attack resulted in certain information being extracted from RSA’s systems. Some of that information is specifically related to RSA’s SecurID two-factor authentication products.”