RSA - the security company - gets hacked
RSA, a preeminent security and encryption vendor, was itself hacked in March. How do you hack one of the most successful security companies? Send its employees phishing e-mails with malicious attachments containing the subject line "2011 Recruitment Plan."
One worker opened the Excel file attached to the e-mail, which set loose a program letting the attacker control the employee's PC. From there, the attackers roamed through RSA's systems.
The massive attack, which ensnared at least 760 companies, according to one researcher's investigation, hit RSA the hardest, rendering its popular SecurID tags less secure.
Using information obtained in the RSA hack, attackers hit the IT systems of defense contractor Lockheed Martin a few months later, in what the company called a "significant and tenacious" cyber attack on its infrastructure. -- David Goldman