Security Breach Leads IRS to Suspend $7M Contract with Equifax
An over $7 million contract recently awarded to Equifax has been temporarily suspended by the Internal Revenue Service after on Thursday, October 12, the beleaguered credit reporting agency's website had yet another security issue.
Equifax said that on Thursday one of its websites pages was shut down after a third-party vendor was discovered running malicious code on the page. This comes after a major security breach earlier this year. Last month Equifax disclosed that its systems were breached by cyber criminals between midMay and late July, who obtained sensitive data on 145.5 million people.
On Friday, October 13, a spokesperson for Equifax said, “The IRS notified us that they have issued a stop-work order under our Transaction Support for Identity Management contract.”
The spokesperson continued, “We remain confident that we are the best party to perform the services required in this contract. We are engaging IRS officials to review the facts and clarify available options.”
Since the security issues at Equifax were revealed, the IRS is the first organization to announce publicly that it is suspending a contract with the credit reporting agency.
Luckily, the incident that occurred on Thursday, did not compromise the systems of the Atlanta-based Eqiufax. The incident did involve fake pop-up windows on the agency's web page that try to trick visitors into installing software that automatically displays advertising material.
Despite this, the IRS did still decide to temporarily suspend a short-term contract for it has with Equifax for identity-proofing services. In a statement, the agency said, “During this suspension, the IRS will continue its review of Equifax systems and security.” They added that nothing has arisen to indicate that any of the IRS data that was shared with Equifax under this contract had been compromised.
Fortune reports, “The move means that the IRS will temporarily be unable to create new accounts for taxpayers using its Secure Access portal, which supports applications including online accounts and transcripts. Users who already had Secure Access accounts will not be affected, the IRS said. IRS granted the $7.25 million contract to Equifax on Sept. 29, weeks after Equifax disclosed the massive data hack that drew scathing criticism from several lawmakers.”
If you want to know how any of these breaches could affect you and the best ways to protect yourself and your sensitive information, the Federal Trade Commission published an article last month on their Consumer Information page giving consumers insight into all of this.
It states, “If you have a credit report, there's a good chance that you're one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation's three major credit reporting agencies.
Here are the facts, according to Equifax. The breach lasted from mid-May through July. The hackers accessed people's names, Social Security numbers, birth dates, addresses and, in some instances, driver's license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.”
To read the rest of this informative article visit: https://www.consumer.ftc.gov/blog/2017/09/ equifax-data-breach-what-do
You can also try to call the three credit rating bureaus directly, although it is unlikely that you will obtain an actual human to talk to. The phone numbers for these bureaus that store vital information regarding your credit are: Equifax 800349-9960, Experian 888-3973742, Transunion 888-909-8872
Last month Equifax disclosed that its systems were breached by cyber criminals between mid-May and late July, who obtained sensitive data.