SOURCE


A lot of us in IT and banks use these....

Not much about the remedy in the article, but extra precaution is needed methinks.

"RSA said the information stolen could reduce the effectiveness of this two-factor authentication system if a company came under a broader attack by malicious hackers.

This could potentially put a lot of people at risk as RSA claims to have millions of people using its security technology to secure online accounts and access to corporate systems.

RSA recommended that firms monitor social network sites to spot if hackers were trying to capitalise on what they now know about RSA's systems.

This could be because hackers have got information about who has which token and might try to exploit that to trick employees into giving them access."

Credit Suisse seems to be switching private banking customers from the token based system to sending a one-time code to our Handy. Not sure I like this solution as I have to receive an SMS when I travel internationally just to check my account.

fduvall