In the meantime, reactions are pouring in from customers and the information security community in general, some saying to prepare for the worst, and some brushing it off as not-so-serious incident.
One expert commented that “If ‘the keys to the kingdom’—the public serial number to secret key mapping database—had NOT been compromised, there would be zero danger to users of RSA’s SecurIDs." At the same time another expert says doesn’t believe the incident is a game changer. “It's serious news that RSA's SecurID solution has been the target of an advanced persistent threat. But It's not a game-changer. Anybody who says it is, is an alarmist.”
So what are others saying and doing in the meantime while they wait for answers from RSA on the SecurID system being attacked?"
Link to Original Source