Ars Technica had reported that an independent researcher spotted a credit report assistance page delivering the infected file, which some analysts thought might be tied to an ad network or analytics provider used by the credit reporting agency. Equifax said it took the site offline after suspicious activity was detected. Well, you'd be wrong, because the company's website was just hit with yet another huge issue, this time redirecting visitors to a fake Flash update which has been linked to adware and malware.
Equifax officials on Thursday confirmed that it had taken down the web page, but did not confirm the rest of the report or offer other details. The latest claims reveal that after one of the largest data breaches ever, Equifax still may not have learned its lesson about providing proper security for its customers. "When it becomes available or we have more information to share, we will".
We are aware of the situation identified on the equifax.com website in the credit report assistance link.
After the first breach was disclosed in September, several actions were taken. Many websites use analytics companies to track people who visit their sites.
"Despite early media reports, Equifax can confirm that its systems were not compromised", Marisa Salcines, a spokeswoman for the company, said in a statement.
In early October, Equifax revised the number of consumers potentially impacted in the breach - bumping up the total in the U.S.to 145.5 million and reducing the number in Canada from an estimated 100,000 to 8,000.