Report: RSA hackers knock off 760 other businesses

Share this article:

At least 760 organizations appear to have fallen victim to the same attacks that compromised RSA's SecurID authentication system earlier this year.

The names appear on a list of targeted machines that had phoned home to the same command-and-control (C&C) servers used in the March attacks on RSA.The list was shared by information professionals to Congress and subsequently published by blog "Krebs on Security."

It includes names such as eBay, Motorola, IBM, McAfee and VMware. A number of telecommunication firms  also appeared on the list but likely because their subscribers were compromised.

Three hundred of the 339 C&C servers identified in the attacks were located in China, according to the analysis.

RSA leaders have openly discussed some details on the attack, but President Art Coviello, speaking at RSA Conference Europe earlier this month, said the company lacked the evidence to determine the culprit of the breach. He maintained that the compromised SecurID token system did not result in customer data loss.

“There has been no successful attacks with the information and only one incident where the information taken was used in an attack,” Coviello said, presumably referring to the breach of systems at defense contractor Lockheed Martin.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Fake Dropbox login page nabs credentials, is hosted on Dropbox

Fake Dropbox login page nabs credentials, is hosted ...

Symantec researchers received a phishing email linking recipients to a fake Dropbox login page that is hosted on Dropbox's user content domain and served over SSL.

Hacker sentenced to 30 months in prison and $300k restitution

Hacker sentenced to 30 months in prison and ...

Lamar Taylor was sentenced in New Jersey this past week for allegedly participating in a cybercrime scheme that accounted for more than $15 million.

Progress on national breach notification law may stall

A bill, which would require a national reporting standard, has failed to make it before the Senate or House this year.