Equifax Takes Webpage That Reportedly Pushed Adware Offline

Adjust Comment Print

Visitors to the Equifax website might have encountered something a little odd Thursday afternoon. The page now says: "We're sorry... We appreciate your patience during this time and ask that you check back with us soon".

Equifax has taken a customer help page offline after concerns the company might have been breached again, the company reported Thursday.

Security researcher Randy Abrams noticed that the page used by customers to obtain a copy of their credit report was redirecting to a malicious website.

"We are aware of the situation identified on the equifax.com website in the credit report assistance link", the spokesperson said. According to Ars Technica, the now-deactivated section of Equifax's website redirected Abrams to the domain hxxp//:centerbluray.info, which tried to dupe him into downloading a fake, malware-ridden Flash update.

Abrams shared a video of what he was seeing with Ars Technica.

Kenya: Raila Odinga withdraws from election rerun
The latest development follows a High court's decision to give Presidential candidate Ekuru Aukot the green light to participate in the repeat election .

In early October, Equifax revised the number of consumers potentially impacted in the breach - bumping up the total in the U.S.to 145.5 million and reducing the number in Canada from an estimated 100,000 to 8,000.

The company said it has removed the vendor's code from the web page, which was taken offline so the company can conduct further analysis.

It has also left the company's stock in free fall with shares down 23.59 percent, or $33.67, since it's first announcement on September 7th.

The breach has prompted investigations by multiple federal and state agencies, including a criminal probe by the US Department of Justice, and it has led to the departure of the company's chief executive officer, chief information officer and chief security officer.

Earlier Thursday, GOP Rep. Patrick McHenry of North Carolina introduced a bill meant to "create uniform cybersecurity standards for credit bureaus and submit them to onsite examinations", according to his office. "Finally, it prohibits the largest credit reporting agencies from continuing to rely upon the most sensitive of Americans' personal information: our Social Security numbers".