
760 other organizations hit by RSA attackers - lawnchair_larry
https://krebsonsecurity.com/2011/10/who-else-was-hit-by-the-rsa-attackers/
======
adulau
There is a debate on the list published on his blog post (check the comments).
The list seems to be an automatically generated IP/netblock to ASN
description. As an example, Team Cymru ( <http://www.team-cymru.org/> ) is
named in the blog post but they asked for more information about the data
collected without success. Maybe the false positive rate is quite high but
it's difficult to say until Brian Krebs publishes some details on how the list
was generated.

From the Team Cymru page:

 _A recent blog post appeared to draw the unsubstantiated conclusion that more
than 760 organizations were compromised with some of the same resources used
to hit RSA earlier this year. Team Cymru was one of the organizations named in
the posting.

We have no evidence of compromise related to incidents at RSA or anywhere
else. The source of the report, and those who revealed and posted it, didn't
take the time to contact us, or to share incident details with us. Thus we are
unable to investigate further. We hope that those who gathered this data will
responsibly disclose it to the potential victims.

Please note that without more details on the methodology used to determine the
list of organizations, and a scientific review of the same, it's not safe to
assume that an entry on the list means either "victim" or "false positive".
We've seen no data or methodology description that would support either case._

