Save this content for laterSave this content on your device for later, even while offline Sign in with FacebookSign in with your Facebook account Close

Equifax pulls customer service page, cites vendor's software

By: KEN SWEET, Associated Press
October 12, 2017 Updated: October 12, 2017 at 6:12 pm
0
photo - FILE - This July 21, 2012, file photo shows Equifax Inc., offices in Atlanta. Equifax has taken down one of its web pages after reports that another part of its website had been hacked as well. The news comes as Equifax continues to deal with the aftermath of hackers breaking into its system earlier in 2017 which allowed the personal information of 145.5 million Americans to be accessed or stolen. (AP Photo/Mike Stewart, File)
FILE - This July 21, 2012, file photo shows Equifax Inc., offices in Atlanta. Equifax has taken down one of its web pages after reports that another part of its website had been hacked as well. The news comes as Equifax continues to deal with the aftermath of hackers breaking into its system earlier in 2017 which allowed the personal information of 145.5 million Americans to be accessed or stolen. (AP Photo/Mike Stewart, File) 

NEW YORK (AP) — Equifax said Thursday that problems with an online customer help page were caused by a vendor's software code and not by a cyberattack on its systems.

The company earlier said it had disabled its credit report assistance page after reports that another part of its website had been hacked.

Equifax Inc. is dealing with the aftermath of hackers breaking into its system earlier this year that exposed the personal information of 145.5 million Americans. The company is now under multiple state and federal investigations and has been sued by numerous customers in litigation likely to evolve into class-action lawsuits.

The technology news site Ars Technica initially reported that hackers had altered Equifax's credit report assistance page that would send users malicious software pretending to be Adobe Flash.

But Atlanta-based Equifax issued a statement later Thursday blaming a third-party vendor it uses to collect website performance data. The "vendor's code running on an Equifax website was serving malicious content," it said.

Equifax said the code was removed from the customer help page that it had taken the webpage offline for further analysis.

The original breach happened after Equifax did not update a piece of software known as Apache Struts after a vulnerability was identified earlier this year. Hackers were able to access Equifax's core systems through most of the summer. It wasn't until early August that Equifax executives were made aware of the breach, and it took until September for Equifax to tell the public.

Register to the Colorado Springs Gazette
Incognito Mode Your browser is in Incognito mode

You vanished!

We welcome you to read all of our stories by signing into your account. If you don't have a subscription, please subscribe today for daily award winning journalism.

Register to the Colorado Springs Gazette
Register to the Colorado Springs Gazette
Subscribe to the Colorado Springs Gazette

It appears that you value local journalism. Thank you.

Subscribe today for unlimited digital access with 50% fewer ads for a faster browsing experience.

Already a Subscriber? LOGIN HERE

Subscribe to the Colorado Springs Gazette

It appears that you value local journalism. Thank you.

Subscribe today for unlimited digital access with 50% fewer ads for a faster browsing experience.

Subscribe to the Colorado Springs Gazette

Some news is free.
Exceptional journalism takes time, effort and your support.

Already a Subscriber? LOGIN HERE

articles remaining
×
Thank you for your interest in local journalism.
Gain unlimited access, 50% fewer ads and a faster browsing experience.