Security companies are constantly the focus of attacks but rarely do they suffer a breach as embarrasing as the one RSA has had to admit to.
RSA executive chairman Art Coviello has penned an open letter to customers revealing that hackers managed to get into its servers which contained data about its SecurID two-factor authentication products.
"Recently, our security systems identified an extremely sophisticated cyber attack in progress being mounted against RSA. We took a variety of aggressive measures against the threat to protect our business and our customers, including further hardening of our IT infrastructure," he wrote.
The EMC owned company launched an investigation which revealed it had been the victim of an advanced persistent threat.
"Our investigation also revealed that the attack resulted in certain information being extracted from RSA's systems. Some of that information is specifically related to RSA's SecurID two-factor authentication products," the letter added.
"While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack," Coviello added.
One source said the damage to the RSA brand was yet to be calculated but resellers, customers and rivals were all watching developments and having to react to one of the most high-profile breaches in the security industry.