Equifax hacked again, this time by malware

Equifax hacked again, this time by malware
Posted at 3:26 PM, Oct 12, 2017
and last updated 2017-10-12 15:26:00-04

(RNN) - Equifax has been hacked again, this time by a link that will download a form of malware onto customers' computers. The hack occurred a month after the company admitted a breach that exposed the Social Security numbers and birth dates of more than 145.5 million Americans.

The website has been at least partially taken down. 

Security analyst Randy Abrams broke the story on his blog, writing that as he tried to download his credit report from the Equifax site, he clicked a link that took him to a third-party website.

It was "one of the ubiquitous fake Flash Player Update screens," he reported, according to the Los Angeles Times.

His discovery was first reported by Ars Technica. Abrams was incredulous that the same company that had suffered such a colossal hack weeks earlier had been compromised again. He told Ars Technica that he clicked the same link three times and was taken to the same bogus spam page every time.

The company said it shut down one of its customer help online pages and is actively investigating the breach. 

CNBC reported that the problem is in the credit report assistance link on its website. An Equifax spokesman told CNBC that the IT and security teams are looking into the matter and took down the site as a precaution.

The previous hack and Equifax's bungled handling in the aftermath made national news and led to the forced resignation of CEO Richard Smith on Sept. 26. Several other top-ranking executives left the company in the wake of the embarrassing security breach.

On Sept. 7, the credit monitoring company announced that the information millions of customers was stolen in July 2017. After a review, the company confirmed that information for 145.5 million customers was compromised in the hack that included names, Social Security numbers, birth dates, addresses and some driver’s license numbers; 209,000 credit card numbers and personal ID information on 182,000 consumers were accessed by the hackers. Some Canadian and United Kingdom customers also were affected.

The company set up a website so that consumers could monitor possible breaches of their information.

Copyright 2017 Raycom News Network. All rights reserved.