POST Online Media Lite Edition


Equifax takes down web page after new security scare

Staff Writer |
Equifax said it took down a web page and began investigating a possible cyber incident, weeks after the credit agency disclosed a breach of personal data affecting some 145 million people.

Article continues below

The company, whose disclosure last month sparked an outcry and a congressional investigation, issued a statement after a news report said malware was installed on one of the credit reporting agency's web pages.

The news site Ars Technica, citing an independent security analyst, reported visitors to the Equifax site were being tricked into downloading an "adware" program which, when installed, delivers unwanted marketing messages.

"We are aware of the situation identified on the website," an Equifax spokesman said in a statement.

"Our IT and security teams are looking into this matter, and out of an abundance of caution have temporarily taken this page offline."

A short time later, Equifax said the issue related to a third party vendor it uses to monitor web performance.

The vendor's code running on an Equifax website "was serving malicious content," according to the updated Equifax statement, which added that the page was taken offline for analysis.

"Equifax can confirm that its systems were not compromised and that the reported issue did not affect our consumer online dispute portal," the company said.

What to read next

Equifax failed to install important security patch
Key security executives leaving Equifax after security breach
FTC investigating Equifax data breach