RSA attackers targeted ‘760 other organisations’
Facebook and Google were also targets of the RSA attackers, a list indicates.


The hackers who hit RSA also attempted to hack over 760 other organisations, including almost 20 per cent of the current Fortune 100, a report has indicated.
RSA revealed in March it was hit by an advanced persistent threat (APT) , compromising details of its SecureID token offering and potentially placing its customers in danger.
Security experts had claimed the RSA attackers would have gone after a host of other firms. Now the Krebs on Security blog has revealed the extent of how many were hit.
Following the RSA breach, security experts were summoned to US Congress to discuss APTs and it was there a list of targeted companies was shared.
The listed firms had networks that were communicating with the same command and control (C&C) infrastructure used in the RSA hack. There were more than 300 C&Cs used in the attacks, the majority of which were located in China.
Security expert Brian Krebs said there were a number of caveats with the list, however.
"First, many of the network owners listed are internet service providers, and are likely included because some of their subscribers were hit," he wrote.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
"Second, it is not clear how many systems in each of these companies or networks were compromised, for how long those intrusions persisted, or whether the attackers successfully stole sensitive information from all of the victims. Finally, some of these organiaations (there are several anti-virus firms mentioned below) may be represented because they intentionally compromised internal systems in an effort to reverse engineer malware used in these attacks."
Amongst the companies listed were Amazon, BT, Cisco, CSC, eBay, EMC, Facebook, Fortinet, Google, HP, IBM, Juniper Networks, McAfee, Microsoft, Motorola, Nokia, Virgin Media, Orange, PwC, Qualcomm, Sky, Vodafone, Websense and Yahoo.
Earlier this month, RSA executives revealed the company had been targeted by two hacking groups. They said the groups were most likely funded by a nation state, yet they could not reveal which one.
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.
-
RSAC Conference 2025: The front line of cyber innovation
ITPro Podcast Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event
-
Anthropic CEO Dario Amodei thinks we're burying our heads in the sand on AI job losses
News With AI set to hit entry-level jobs especially, some industry execs say clear warning signs are being ignored
-
RSAC Conference 2025: The front line of cyber innovation
ITPro Podcast Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event
-
RSAC Conference 2025: AI and quantum complicate security
Organizations are grappling with the complications of adopting AI for security
-
RSAC Conference 2025 was a sobering reminder of the challenges facing cybersecurity professionals
Analysis Despite widespread optimism on how AI can help those in cybersecurity, it’s clear that the threat landscape is more complex than ever
-
RSAC Conference day three: using AI to do more with less and facing new attack techniques
-
"There needs to be an order of magnitude more effort": AI security experts call for focused evaluation of frontier models and agentic systems
News Evaluating the risks of dynamic, evolving AI networks is slow work for cybersecurity analysts
-
Cyber defenders need to remember their adversaries are human, says Trellix research head
There's a growing overlap between nation-state actors and cybercriminals, but these attackers are real people who make mistakes
-
RSAC Conference day two: A focus on new hacking tactics
From quantum to AI, experts discussed how new and experimental technologies could be used by hackers to access and decrypt sensitive data
-
RSAC Conference Day One: Vibe Is 'All In' on AI for Security
News Artificial intelligence took center stage as RSAC Conference looks at how the discussion has moved from generative AI to agentic AI