Sydney Morning Herald | March 21, 2011 | Ben Grubb
Hundreds of thousands of cryptographic tokens used by Australians who bank online, the Defence Force and other large corporations are vulnerable to a potential hack attack after a supplier revealed secret data it held had been stolen.
Customers of RSA, a security division of the data storage giant EMC, were on Friday told that the company had been the victim of “an extremely sophisticated cyber attack”.
Federal government customers of RSA’s affected SecurID service include the Department of Defence, Department of the Prime Minister and Cabinet, Australian Electoral Commission, Family Court of Australia, Department of Parliamentary Services, Department of Veterans’ Affairs, Geoscience Australia, AusAid, Department of the Treasury and Crimtrac, according to closed tender documents listed on the AusTender website.
Known Australian companies that use the RSA token service include Westpac, Telstra and Virgin Blue.
A prominent security expert, Steve Gibson, said RSA customers should consider their RSA SecurID tokens “completely compromised” and insist upon their immediate replacement. Though RSA may not want to do this, Mr Gibson described it as “the responsible thing” to do, even if it was a “very expensive” exercise to undertake.
……
Read full article here via Sydney Morning Herald
Hacked security firm leaves Aussies vulnerable
ABOUT AUTHOR