Equifax has found itself at the centre of headlines again after the credit monitoring company was forced to deny it had been the victim of another cyber attack.
It came after Equifax took down a “customer help page” from its website, an action it described as precautionary.
This week Equifax has already faced probing questions from House of Commons Treasury Committee.
But now to make worse, it discovered on Thursday that one of its third-party vendors had been running malicious code on one its web pages.
Equifax reportedly said it took the affected web page offline “out of an abundance of caution” after an independent security analyst told the website Ars Technica that he had visited Equifax’s website on Wednesday.
The researcher had found that visitors were redirected to download a fraudulent software update for Adobe Flash which if installed, would infect computers with malware.
“Equifax can confirm that its systems were not compromised and that the reported issue did not affect our consumer online dispute portal,” spokeswoman Francesca De Girolami was quoted by Reuters as saying in a statement on Thursday.
“The issue involves a third-party vendor that Equifax uses to collect website performance data, and that vendor’s code running on an Equifax website was serving malicious content,” the spokeswoman added.
Equifax also said it has removed the vendor’s code from the web page.
Do you know all about security in 2017? Try our quiz!
US and Canadian regulators looking into possible safety issues with Tesla Model 3 and Model…
Cryptocurrency-centric funds show strong gains for 2021, as assets such as Bitcoin and Ether rise…
Operators of stolen card data marketplace UniCC say they will 'retire' due to age and…