RSA SecurID Do Over

RSA SecurID Do Over

  • Comments 4
  • Likes

Ned here. If you are using RSA SecurID, you’re probably aware they were compromised several months ago. You may also have heard that since then, hackers have been using that stolen info to attack or compromise various organizations. What you may not know is RSA is now issuing replacement tokens for their customers. The catch is you need to contact them; they are not necessarily going to contact you. More info from their executive chairman here:

1-800-782-4362, Option #5 for RSA, Option #1 for the RSA SecurID Remediation Program
1-800-543-4782, Option #5 for RSA, Option #1 for the RSA SecurID Remediation Program
+1-508-497-7901, Option #5 for RSA, Option #1 for RSA SecurID Remediation Program

None of this is directly AD or Microsoft-related, but I’d be remiss if I didn’t spread the word – RSA has a large customer base. That said, if you’re interested in alternatives, here’s some reading on understanding and deploying two-factor smartcard authentication:

Ned “fobbing any questions off on Jonathan” Pyle

  • Thanks for the heads up. We use RSA on our infrastructure servers and this is the first I've heard about this!

  • Our pleasure Chad.

  • We got an email back in March from RSA saying something like: "We (RSA/EMC) have been hacked. Ensure you have a strong PIN- and lockout policy, but don't worry. YOU are safe.  PS! give us a call".

    We never got any info from EMC that there has been successful attacks and that they now where issuing replacement tokens until you said it :o

    "...None of this is directly AD or Microsoft-related.." but you do have templates/support to use RSA fobs in conjunction with ISA/UAG so you are justified to spread the word :)

  • Double-yikes. Hopefully the word spreads - this little site is only popular in TechNet terms, not WordPress or Blogger terms. :-D