RSA SecureID Breach Costs EMC $66 Million


The March security breach targeting RSA’s SecureID two-factor authentication tokens has thus far cost parent company EMC $66 million during its second quarter to remediate, The Washington Post reported.

During EMC’s Q2 earnings call, David Goluden, EMC executive vice president, said that the company shelled out $66 million for numerous reparations following the massive cyber attack, which included transaction monitoring for worried customers apprehensive that their SecureID tokens were compromised, as well as issuing replacement tokens for customers at their request.

“We incurred an accrued cost associated with investigating the attack, hardening our systems and working with customers to implement our remediation programs,” said Goluden, according to The Washington Post.

In addition, EMC revealed that it alerted customers within hours of the breach, and said it suspects that cyber criminals were targeting the company for information on defense contractors and government organizations, as opposed to financial data.

RSA was forced to fork over remediation costs in March when the company acknowledged that its SecureID two-factor authentication tokens had been targeted in a sophisticated attack known as an Advanced Persistent Threat .

RSA President and Chairman Art Coviello issued an open letter following the breach, saying he was “confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers.” However, Coviello remained mum on exactly what was taken or how it might affect customers.

Two months later giant weapons manufacturer Lockheed Martin publicly confirmed that it was the victim of a “significant and tenacious” cyber attack executed by hackers exploiting a security vulnerability in SecurID tokens, used for two-factor authentication for remote VPN access.

Lockheed Martin first became aware of the problem in May, when IT administrators detected a network disruption that appeared to be an external intrusion. The company subsequently shut down its computer systems and embarked on the process of re-issuing SecureID tokens to many of its employees while requiring a password reset for the more than 120,000 workers at the company.

Since then two other defense contractors -- Northrop Grumman and L3 Communications -- have also reported breaches, allegedly connected to RSA’s SecureID tokens.

Subsequently, RSA has been on the receiving end of a firestorm of criticism by customers and channel partners for its lack of communication and failure to remediate the SecureID breach with token replacements in timely manner.

Meanwhile, the long-term damage of the RSA breach could likely manifest in depleted sales revenues, customer attrition and lost opportunities for the company. During Symantec’s first quarter earnings call Wednesday, CEO Enrique Salem said that the security company was benefitting from the fallout of the RSA breach, as customers sought alternatives to RSA’s authentication and identity management solutions.