Adware Hits Equifax Website

From PC Mag: Credit reporting agency Equifax already earned its place in the history books for a "cybersecurity incident" that impacted more than half of all adult Americans. Names, Social Security numbers, birth dates, addresses, and driver's license numbers were all exposed through the company's website.

This week, it seemed the Equifax site was compromised yet again. As Ars Technica reports, for several hours on Oct. 11, anyone visiting the Equifax website may have been presented with a Flash Player update prompt. It was fake, and installed adware (specifically Adware.Eorezo). Independent security analyst Randy Abrams discovered the hack and managed to trigger it several times yesterday.

The situation was made worse because only three antivirus providers (of 65) detected the adware being used and offered protection (Panda, Symantec, and Webroot). Everyone else was left with an infected machine or domains flagged as suspicious by security suites.

In a statement, Equifax said "its systems were not compromised and that the reported issue did not affect our consumer online dispute portal.

View: Article @ Source Site