Equifax takes down Web page over ad­ware

The Washington Post - - ECONOMY & BUSINESS - — Hamza Shaban

Equifax said Thurs­day that its sys­tems were not com­pro­mised af­ter they looked into a re­port by an in­de­pen­dent re­searcher that one of the com­pany’s credit as­sis­tance pages con­tained ma­li­cious links.

“Equifax can con­firm that . . . the re­ported is­sue did not af­fect our con­sumer on­line dis­pute por­tal,” a spokesman for the credit re­port­ing agency said in a state­ment. “The is­sue in­volves a third-party vendor that Equifax uses to col­lect web­site per­for­mance data, and that vendor’s code run­ning on an Equifax web­site was serv­ing ma­li­cious con­tent. Since we learned of the is­sue, the vendor’s code was re­moved from the web­page and we have taken the web­page off­line to con­duct fur­ther anal­y­sis.”

Ear­lier on Thurs­day, Ars Tech­nica re­ported that se­cu­rity an­a­lyst Randy Abrams was prompted to down­load fraud­u­lent Adobe Flash up­dates when he vis­ited the Equifax web­site to con­test his credit re­port. Abrams de­ter­mined that when those up­dates were clicked, ad­ware would in­fect a visi­tor’s com­puter. Abrams also en­coun­tered those links dur­ing at least three sub­se­quent vis­its, ac­cord­ing to Ars Tech­nica. The Web page in ques­tion al­lowed peo­ple to ac­cess in­for­ma­tion un­der the “Credit Re­port As­sis­tance” head­ing.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.