The company's leadership knew they had been breached in a sophisticated APT-style attack, but it was unknown whether the attackers had gained access to the cryptographic keys needed to decrypt sensitive client data. It was March of 2011, and security vendor RSA was the target of an attack that compromised sensitive data related to the company's flagship SecurID product.
Article Link: Malicious Life Podcast: Ten Years On - Are We Doing Security Right?