"Advanced Persistent Threats"
I can picture it now: "APTs, you got them?" "Oh yeah baby, we're all over it."
It's a bit of a lie though. Like a good buzzword, it distorts reality. Here's how:
Advanced implies it would've been really hard to stop it, it's so advanced, so you can be excused. But maybe a security company should be able to stand up to that, no?
Persistent implies it's on-going and even harder to stop. Though cynics would say it means you're being robbed blind with your eyes open. Shame on you. But who listens to cynics anyway?
Threat implies all is not hopeless, you're not really been breached yet, it's fixable. But that's not what happened. Using another industry term, they got PWNED, and data was copied. Then it's not really a threat any longer. It's a successful breach. The crown jewels likely got sold on the black market. If you're a security company, you lost credibility. It's done. You've been had. It's all over but the shouting.
On that tangent, note what RSA doesn't call their attacker(s), but dear John does. A hack is a hack, it seems. Nice to hear what went down but we still don't know just what was compromised and what wasn't, and therefore we still must assume the token thing to be compromised.