Equifax takes down Web page over adware
Equifax said Thursday that its systems were not compromised after they looked into a report by an independent researcher that one of the company’s credit assistance pages contained malicious links.
“Equifax can confirm that . . . the reported issue did not affect our consumer online dispute portal,” a spokesman for the credit reporting agency said in a statement. “The issue involves a third-party vendor that Equifax uses to collect website performance data, and that vendor’s code running on an Equifax website was serving malicious content. Since we learned of the issue, the vendor’s code was removed from the webpage and we have taken the webpage offline to conduct further analysis.”
Earlier on Thursday, Ars Technica reported that security analyst Randy Abrams was prompted to download fraudulent Adobe Flash updates when he visited the Equifax website to contest his credit report. Abrams determined that when those updates were clicked, adware would infect a visitor’s computer. Abrams also encountered those links during at least three subsequent visits, according to Ars Technica. The Web page in question allowed people to access information under the “Credit Report Assistance” heading.