At EMC's RSA Conference Europe in London today, RSA executives shared more details on the cyber attack that stole information on the company's SecurID authentication tokens in March. RSA executive chairman Art Coviello said at a press conference that two separate hacker groups worked in collaboration with a foreign government, ZDNet UK reports. He would not disclose the parties involved, but said “we can only conclude it was a nation-state sponsored attack."

According to RSA executives, no customers' networks were breached as a result of the SecurID data stolen. RSA president Tom Heiser said during a presentation at the conference it was clear that the attack was intended to go after military contractors' data.

The coordinated effort, which used a series of spear phishing attacks against RSA employees to penetrate the company's network, posing as people they trusted. The phishing attack installed a “zero-day” exploit to establish a foothold. IDG reported that the exploit used an Excel spreadsheet with an embedded malicious Adobe Flash file.

The foothold, and the tag-team attack that followed, were used to gain access to the SecurID data. However, RSA's chief security officer Eddie Schwartz said during the press conference that the intrusion was detected before any customers were attacked. According to RSA executives, the data was used in only one attack on a customer, and that attack was unsuccessful. No other customers were affected, according to RSA, despite reports that several defense contractors, including Lockheed Martin, had experienced breaches.