RSA SecurID data loss breach

If you're a member of the Information Security community, you're probably already aware of the breach that occurred at RSA Security with regard to their SecurID token two-factor authentication solution, which is used by millions, including government and private sector organizations.

In a public letter and separate 8-K filing with the SEC, EMC’s Executive Chairman, Art Coviello, stated that while the information stolen doesn’t enable a direct attack on SecurID customers, it “could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack.”

My questions around this breach are in regard to their other product offerings, specifically their own Data Loss Prevention (DLP) and enVision, their security information and event management (SIEM) product, or even their Data Protection Manager solution.

These are solutions they sell to their customers to protect the information and prevent it from getting out of the network in the first place.

The details of this breach are still vague, and the type of information that was leaked, how it was leaked and how this impacts any of their products is still unknown.

To me, this looks worse than the Anonymous, HBGary, and WikiLeaks stuff because this is a security company that is selling products to detect and prevent this very thing from occurring to both the private sector and government agencies, and they themselves have a breach of this sort.

The next several days and weeks should be very interesting as the information becomes available.