In today’s Wall Street Journal,
Security ‘Tokens’ Take Hit
RSA Offers to Replace Nearly All of Its SecurIDs in Use or Provide Monitoring
Lockheed became the first confirmed breach related to the RSA issue, with the U.S. weapons manufacturer saying an investigation into last month’s cyber attack on the company “concluded that the RSA breach was a direct contributing factor.”
“RSA has been with us every step of the way since our breach, and we’re replacing all of our SecurID tokens,” Lockheed spokeswoman Jennifer Whitlow said. “They did review our investigation details and have offered to help out as they could.”
The Lockheed attack showed that it was technologically feasible to hack a third-party using data taken from RSA, and the defense contractor may not be the last example.Mr. Coviello said that “I’m not suggesting we won’t see some other attacks in the interim given the scale of the Lockheed attack, but it is the only confirmed attack we have using the [stolen] information.”
What I want to know is, where are the security tokens made?