0wnage of the century!
Damn. I work in the IT Security industry. I just can't find myself how to tell any of our clients that they might be 0wned if they're using these tokens. Even worse, one of my online banking services uses the SecurID tokens! Fortunately, they also use a zillion extra security measures, including extra auth questions if I ever log on from a *different* PC.
Hopefully, most systems secured by these tokens have some other layer of security in addition to SecureID; some are even inaccessible from the outside. Sill a big FAIL for RSA :(