EMC owned RSA Security has warned customers about its two-factor SecurID tokens after the company suffered a massive cyber attack.
The company said in a blog post that its system had come under Advanced Persistent Threat (APT) attacks that had stolen sensitive customer information related to its SecurID two-factor authentication products.
SecurID helps customers generate electronic tokens that come with a time-bound number for users to use along with their regular passwords when they log-in to a particular system. The tokens are used as a form of additional network security measure designed to prevent unauthorised access.
The product is used by 25,000 organisations including government agencies, banks and the military among other key industries. The company has warned its customers that the information could be used to negate effectiveness of two-factor authentication.
“Our first priority is to ensure the security of our customers and their trust. We are committed to applying all necessary resources to give our SecurID customers the tools, processes and support they require to strengthen the security of their IT systems in the face of this incident,” Art Coviello, RSA executive chairman said in a statement.
The company also stated that the attack had not impacted customer security on other RSA products.