Hack Hits RSA SeecurID tags on 760 companies
Google, Facebook, Microsoft, just to name a few, were hit by a massive vulnerability in RSA’s SecurID tags. RSA SeecurID tags are used by thousands of companies world wide along with government agencies. So much for algorithm security being safe from hackers.
The information was obtained from a breached “command and control” server, the name for a machine that hackers use to direct the fleets of compromised PCs that they have gained control over. Krebs said he wasn’t at liberty to reveal how that server was discovered or who analyzed the data.
The names of other companies affected by the attack were uncovered after researchers traced back the networks that were communicating with the server that attacked RSA. The first victims started “phoning home” as early as November 2010, Krebs said.
The list is the first glimpse into the pervasiveness of the attack that brought RSA to its knees. Those in the industry have long suspected that RSA was not the hack’s only victim, but no other companies have been willing to talk publicly about whether or not they had been compromised as well.