A massive cyber attack that exploited a vulnerability in RSA’s SecurID tags occured earlier this year may have also victimized other big-named companies. According to this article, 760 organizations were affected by this hack on the RSA. Companies such as Amazon, IBM, Intel, Yahoo, Cisco, Google, Facebook, and Microsoft were victimized by this attack. Government agencies were affect as well, like the European Space Agency, the IRS, and the General Services Administration.
“The list [of affected companies] is the first glimpse into the pervasiveness of the attack that brought RSA to its knees. Those in the security industry have long suspected that RSA was not the hack’s only victim, but no other companies have been willing to talk publicly about whether they had also been compromised…The list of affected companies was obtained from a breached ‘command and control’ server, the name for a machine that hackers use to direct the fleets of compromised PCs that they have gained control over.”
It is unclear how far the hackers were able to penetrate each compromised business’ systems. But the RSA definitely got in huge trouble for not catching this vulnerability earlier. The hackers used a breached server to plant malware that gave them access to RSA’s systems. Certain companies that were willing to talk about the hack, like Microsoft and Wells Fargo, said they haven’t seen any evidence of attacks on their systems. Experts say that companies should still be concerned even though they haven’t actually been attacked. We have yet to see if the affected companies that will be further attacked by this large hack.