Stolen Data Is Tracked to Hacking at Lockheed
Christopher Drew writes in the New York Times:
Lockheed Martin said Friday that it had proof that hackers breached its network two weeks ago partly by using data stolen from a vendor that supplies coded security tokens to tens of millions of computer users.
Lockheed’s finding confirmed the fears of security experts about the safety of the SecurID tokens and heightened concerns that other companies or government agencies could be vulnerable to hacking attacks.
The tokens, which are used to protect remote access to computer networks, are sold by the RSA Security Division of the EMC Corporation. RSA officials said Friday that they accepted Lockheed’s findings and were working with customers to offset the risks through other measures.
RSA disclosed in March that hackers had stolen data that could compromise a company’s SecurID system in a broader attack, and the breach of Lockheed, the nation’s largest defense contractor, is the first time that is known to have occurred.