EMC Executive Vice President and Chief Financial Officer David Goulden, in a conference call with analysts last month, said the $66.3 million, taken as a charge against second quarter earnings, covered costs to investigate the attack, harden its IT systems and monitor transactions of corporate customers anxious that their SecureID security tokens had been compromised as well as the cost to replace some of the tokens.
In the call, Goulden said the company's investigation of the breach suggests the attackers sought information on its government and military accounts, and not financial data.
"The suspicion that our attacker was targeting the defense sector was reinforced in June when Lockheed Martin disclosed an unsuccessful attack on its systems that utilized, among other elements, information taken in the attack on RSA," Goulden said. "Lockheed Martin had implemented many security measures, including our best practices, and successfully detected and thwarted this attack. Subsequently, they accelerated their plans for token replacements to complete their SecurID remediation." (see Lockheed Attack Linked to RSA?)
New reports surrounding RSA's March breach, as well as digital assaults on other companies - Goulden specifically noted hacks on Google, Sony, Epsilon, the Australian government and PBS - have raised jitters among RSA customers. "The publicity resulted in many customers' risk tolerance going down whilst their level of awareness and concern went up," he said.
Despite the breach and customer anxiety, revenue for SecurID and RSA's security business grew in the second quarter by 13 percent from a year earlier, that's up from the 8 percent year-to-year growth rate posted in the first quarter.
Goulden suggested RSA's quick reaction to the breach that unnerved some customers was well received by them. He said RSA began to notify customers within hours after the company determined its systems had been breached. "Importantly, customers continue to tell us that they understand what happened, are comfortable with our communication and appreciate how we are working with them to ensure their SecurID environments are effective," he said.