Another Equifax security alert as support page leads to malicious fake Flash updates
Things have not been good for Equifax -- or its customers -- recently. Following a huge data breach earlier in the year, the credit reporting company has now suffered a new blow after it was discovered that one of its support pages was redirecting to malware masquerading as Flash updates.
Just last month, Equifax revealed a security breach from May that exposed the personal details of around 145.5 million Americans and 15.2 million people from the UK. Now the company site has been found delivering fake Flash updates, and the offending page has been taken down.
Security researcher Randy Abrams noticed that the page used by customers to obtain a copy of their credit report was redirecting to a malicious website. At the time, an Equifax spokesperson said: "We are aware of the situation identified on the equifax.com website in the credit report assistance link. Our IT and Security teams are looking into this matter, and out of an abundance of caution have temporarily taken this page offline. When it becomes available or we have more information to share, we will."
Abrams shared a video with Ars Technica showing the malware in action.
It was initially thought that Equifax had suffered a hack, but it transpired that a third-party vendor was to blame. The company said:
"Despite early media reports, Equifax can confirm that its systems were not compromised and that the reported issue did not affect our consumer online dispute portal. The issue involves a third-party vendor that Equifax uses to collect website performance data, and that vendor’s code running on an Equifax website was serving malicious content. Since we learned of the issue, the vendor’s code was removed from the webpage and we have taken the webpage offline to conduct further analysis."