Security Threat, hacker breach Lockheed Martin, using falseified security Tokens

[Chumeia]

Hackers penetrate USA weapons giant Lockheed Martin.

Gizmodo -"Lockheed Martin, one of the world's largest defense contractors, was hit hard by hackers this week who used falsified SecurID electronic tokens to gain access. The breach threatens the security of vital data on present and future military technology." May 28, 2011 11:00 AM

Reading on Gizmodo today, hackers had falsified 6 digit security tokens used by Lockheed Martin, and gained accesses to top secret weapons data. Why does this matter at all? They only hacked a weapons manufacturer, Right? Though I doubt they were doing more than black male and sight seeing, and I doubt they would sell the data, these guys haven't demonstrated that they sell data they find unless it helps other hackers.

What bothers me is simple. -6 digit security tokens. The same kind as we use. Lockheed Martin uses RSA SecurID branded. I have no idea who makes ours.

I only just finally got mine after months of waiting. Thank you to the call center support staff. But now it seems that this system may be also at risk. Although unlikely they will do us as general users any harm, if they target FFXIV or Square Enix servers in the way they have other major servers, the attacks will not stop until security stops them, or they are arrested.

This means more downtime, and we have to invest in new security technology. Maybe voice combined with Captcha?? You have to read what you see on the screen, and that creates a key? I can only guess.

Chumeia - I really hope I have posted this in the right place, I really hope its taken as seriously as it should. I also hope that the support staff are already aware of this threat and working on a solution.

If some one knows a better place to post this, let me know.

[Linkurrra]

There is no need to worry.

Square Enix Authenticators are made by www.vasco.com
They are the DigiPass Go 6 model.

Lockheed Martin was got hacked because RSA got hacked. Read Article here

What happened is RSA got hacked and their seed data that generates the codes for RSA SecureID tokens was taken. This means hackers can use this data to emulate the token that generates the code for 2 factor security for accounts.
This basically make it easier to hack an account by doing a brute force password generator until you get in.

Short story is you don't have to worry because this only affects RSA token keys. If Vasco ever gets broken into then we have something to worry about.

But your are safe right now.

Glad to know there is some ppl out there concerned about their account information