EMC Corp.’s security-systems unit RSA offered to swap the SecurID tokens it provides to clients such as defense contractors and government agencies after a network breach disclosed in March resulted in the theft of RSA data.
RSA will replace the tokens if the customer believes it is necessary, Helen Stefan, a spokeswoman, said in an interview. She said RSA has about 40 million tokens in use, providing clients’ employees remote access to internal networks. Its defense-contractor clients include Lockheed Martin Corp., Northrop Grumman Corp. and Raytheon Co.
In March, Hopkinton, Massachusetts-based EMC said that a cyber attack resulted in information being taken from its systems, including data related to RSA’s SecurID products. Bethesda, Maryland-based Lockheed Martin, the defense contractor that was the target of an attack on May 21, said last week the breach was the result of the data theft at RSA and that it would replace its security tokens.
Users trying to access their employer’s network from remote locations may use a SecurID device, a memory stick-like unit that generates random numbers that must be used in combination with a personal identification number to gain entry.
In a letter on its website, RSA said it is working with customers to assess whether they should replace their tokens or take other measures to boost security. RSA customers also include
financial-services providers and “virtually every company that grants access to their systems by remote access,” Stefan said.
Lockheed said May 28 that its computer network suffered a “significant and tenacious” attack that was immediately detected and stopped. No customer or program data was lost, it said.
The Federal Bureau of Investigation is leading an investigation into the attack on Lockheed’s computer network, Robert Butler, the deputy assistant secretary of defense for cyber policy, said in a June 2 interview.
EMC fell 61 cents to $27.32 yesterday in New York Stock Exchange composite trading. Before today, the shares had climbed 19 percent this year.