RSA Security has announced that it will replace its SecurID tokens for most of its 40 million users.
The tokens were taken in a hack which was clearly designed to gain access to top secret defence and company sites.
Already stolen tokens were used to gain access to Lockheed Martin, the US’s largest military contractor.
Writing on the outfit’s website, the company’s executive chairman Arthur Coviello said the attack on RSA “indicated that the perpetrator’s most likely motive” was to steal security information.
The kind of information which could be used to obtain military and commericial secrets.
He said RSA had worked with military companies to replace their tokens “on an accelerated timetable” but he would be ordering the replacement of commercial tokens too.
Most Fortune 500 companies and government agencies supply the electronic tokens to employees so that they can get into computer networks from customer offices, hotels or homes.
The tokens generate random numbers.
RSA has always traded on the fact that its systems were practically impossible to hack and many companies have come to rely upon them.
However, with the system breached, RSA is suffering from a loss in company confidence.
Observers see the replacement of all tokens was a method of telling the world and its dog that everything is safe and the RSA had changed all the locks after losing the keys.