NEW YORK (Reuters) – Equifax Inc mentioned on Thursday it has taken considered one of its buyer assist web site pages offline as its safety staff appears into stories of one other potential cyber breach on the credit score reporting firm, which just lately disclosed a hack that compromised the delicate data of greater than 145 million folks.
The transfer got here after an impartial safety analyst on Wednesday discovered a part of Equifax’s web site was underneath the management of attackers attempting to trick guests into putting in fraudulent Adobe Flash updates that would infect computer systems with malware, the know-how information web site Ars Technica reported.
“We’re conscious of the state of affairs recognized on the equifax.com web site within the credit score report help hyperlink,” Equifax spokesman Wyatt Jefferies mentioned in an e-mail. “Our IT and safety groups are trying into this matter, and out of an abundance of warning have quickly taken this web page offline.”
The Atlanta-based firm, which has confronted seething criticism from customers, regulators and lawmakers over its dealing with of the sooner breach, mentioned it could present extra data because it turns into accessible.
As of 1:15 p.m. (1715 GMT), the online web page in query mentioned: “We’re sorry… The web site is at present down for upkeep. We’re working diligently to higher serve you, and apologize for any inconvenience this may increasingly trigger. We admire your persistence throughout this time and ask that you simply verify again with us quickly.”
Equifax shares have been down 1.2 % at $109.18 in early afternoon buying and selling.
Randy Abrams, the impartial analyst who seen the attainable hack, mentioned he was making an attempt to verify some data in his credit score report late on Wednesday when one of many bogus pop-up adverts appeared on Equifax’s web site.
His first response was disbelief, he mentioned in an interview with Reuters on Thursday. “You’ve received to be kidding me,” he recalled considering. Then he efficiently replicated the issue at the very least 5 occasions, making a video that he posted to YouTube.
Equifax’s safety protocols have been underneath scrutiny since Sept. 7 when the corporate disclosed its techniques had been breached between mid-Could and late July.
The breach has prompted investigations by a number of federal and state companies, together with a prison probe by the U.S. Division of Justice, and it has led to the departure of the corporate’s chief government officer, chief data officer and chief safety officer.
As a credit score reporting company, Equifax retains huge quantities of shopper information for banks and different collectors to make use of to find out the probabilities of their prospects’ defaulting.
Reporting by John McCrank; Enhancing by Invoice Rigby