Surprise! The Equifax site was hacked AGAIN
Inside Subprime: October 12, 2017
By Caroline Thompson
For the second time in less than six months, credit bureau Equifax has fallen victim to hackers. As we’ve reported many times in the past few weeks, Equifax revealed back in August that the personal data of 143 million Americans had been compromised after shoddy website protections allowed scammers to gain access to consumer names, birth dates, social security numbers and addresses. A few weeks later, the company admitted the number of hacked accounts was actually 2.5 million more than it had originally thought, meaning that 145.5 million Americans must now live for the rest of their lives on high alert for identity theft and fraud.
While testifying in front of Congress last week, newly “retired” Equifax CEO promised the company was doing everything in its power to increase security on their site. This fell a little flat, considering that just a few weeks ago, their support team was caught accidentally sending hack victims to a phishing site. Given the company’s obvious technological failures, it should come as no surprise that their website has, once again, been hacked.
Independent security analyst Randy Adams discovered the hack last night when he went to dispute a claim on his Equifax report, and found the page redirected to hxxp//:
It seems Equifax’s site had been infiltrated by scammers attempting to trick unsuspecting Equifax customers (read: victims) into downloading malware which, according to Engadget, “inundates Internet Explorer with advertisements.”
An Equifax spokesperson said they are aware of the issue and have taken affected pages offline:
“We are aware of the situation identified on the equifax.com website in the credit report assistance link. Our IT and Security teams are looking into this matter, and out of an abundance of caution have temporarily taken this page offline. When it becomes available or we have more information to share, we will.”