Equifax vendor dogged by ‘ma­li­cious con­tent’

Times Colonist - - Business -

TORONTO — Equifax Inc. is re­port­ing that a third-party vendor the credit-rat­ing agency uses to col­lect per­for­mance data on its U.S. Equifax web­site was serv­ing ma­li­cious con­tent.

“Since we learned of the is­sue, the vendor’s code was re­moved from the web­page and we have taken the web­page off­line to con­duct fur­ther anal­y­sis,” an Equifax spokesper­son said in an emailed state­ment Thurs­day.

“Equifax can con­firm that its sys­tems were not com­pro­mised and that the re­ported is­sue did not af­fect our cus­tomer-dis­pute por­tal.”

Ear­lier Thurs­day, Equifax Canada said its U.S. par­ent com­pany was tem­po­rar­ily tak­ing down one of its cus­tomer-ser­vice pages amid re­ports that hack­ers had al­tered Equifax’s credit re­port as­sis­tance page so that it would send users ma­li­cious soft­ware dis­guised as Adobe Flash.

“We are aware of the sit­u­a­tion iden­ti­fied on the equifax.com web­site in the credit re­port as­sis­tance link,” Equifax Canada spokesman Tom Car­roll said in an emailed state­ment. “Our IT and se­cu­rity teams are look­ing into this mat­ter, and out of an abun­dance of cau­tion have tem­po­rar­ily taken this page off­line.”

Car­roll did not re­spond to di­rect ques­tions about any po­ten­tial breach to Equifax Canada’s web­site.

The news comes as Equifax Inc. con­tin­ues to deal with the af­ter­math of a cy­ber breach this year that al­lowed the per­sonal in­for­ma­tion of 145.5 mil­lion Amer­i­cans, and 8,000 Cana­di­ans, to be ac­cessed or stolen.

Equifax is fac­ing in­ves­ti­ga­tions in Canada and the U.S., as well as at least two pro­posed class ac­tions filed in Canada.

Newspapers in English

Newspapers from Canada

© PressReader. All rights reserved.