RSA Says SecurID Hack Based On Phishing With Flash 0-Day

Trailrunner7 writes "RSA confirmed on Friday that the attack that compromised the company's high-value SecurID product was essentially a small, targeted phishing campaign that included a payload of a malicious Flash object embedded in an Excel file."

Re:Simple question: securid seeds?

[93+Escort+Wagon]

Dear RSA; speaking as a customer; we need a simple answer to the question:

has the securid seeds database been compromised?

anything else you announce is fluff.

We use a LOT of SecurID tokens at our university, and the group that manages them has been way too quiet since this happened. But today they sent an email out - no mention of the RSA breach, just that they have decided to "retire the SecurID tokens early to save money" and are replacing them with a different product.

So I'm guessing they think the seeds database has been compromised.