October 12, 2017
NEW YORK (Reuters) - Equifax Inc said on Thursday it has taken one of its customer help website pages offline as its security team looks into reports of another potential cyber breach at the credit reporting company, which recently disclosed a hack that compromised the sensitive information of more than 145 million people.
The move came after an independent security analyst on Wednesday found part of Equifaxs website was under the control of attackers trying to trick visitors into installing fraudulent Adobe Flash updates that could infect computers with malware, the technology news website Ars Technica reported.
We are aware of the situation identified on the equifax.com website in the credit report assistance link, Equifax spokesman Wyatt Jefferies said in an email. Our IT and security teams are looking into this matter, and out of an abundance of caution have temporarily taken this page offline.
The Atlanta-based company, which has faced seething criticism from consumers, regulators and lawmakers over its handling of the earlier breach, said it would provide more information as it becomes available.
As of 1:15 p.m. (1715 GMT), the web page in question said: Were sorry... The website is currently down for maintenance. We are working diligently to better serve you, and apologize for any inconvenience this may cause. We appreciate your patience during this time and ask that you check back with us soon.
Equifax shares were down 1.2 percent at $109.18 in early afternoon trading.
Randy Abrams, the independent analyst who noticed the possible hack, said he was attempting to check some information in his credit report late on Wednesday when one of the bogus pop-up ads appeared on Equifaxs website.
His first reaction was disbelief, he said in an interview with Reuters on Thursday. Youve got to be kidding me, he recalled thinking. Then he successfully replicated the problem at least five times, making a video that he posted to YouTube.
