Earlier on Thursday, Ars Technica reported that security analyst Randy Abrams was prompted to download fraudulent Adobe Flash updates when he visited the Equifax website to contest his credit report. Abrams determined that when those updates were clicked, adware would infect a visitor's computer. Abrams also encountered those links during at least three subsequent visits, according to Ars Technica.
The Web page in question allowed people to access information under the “Credit Report Assistance” heading.
The possibility of another malicious hack at Equifax comes just a week after the company's former chief executive, Richard Smith, was grilled by angry lawmakers over a massive data breach that may have compromised the sensitive information of as many as 145 million people. Equifax first disclosed that breach in September. But lawmakers and several federal agencies, including the FBI and the Federal Trade Commission, are investigating the company's response to the breach, why it took Equifax more than a month to notify the public and whether executives engaged in insider trading.
Equifax and the Internal Revenue Service also are facing pressure from lawmakers over a $7.2 million contract that Equifax was awarded, after the breach was made public, for the company to verify taxpayer identities and help prevent fraud.