Home Security IRS puts Equifax contract on hold after malware find

IRS puts Equifax contract on hold after malware find

IRS puts Equifax contract on hold after malware find Featured

The US Internal Revenue Service has temporarily suspended a short-term contract worth US$7.25 million with credit information provider Equifax for identity proofing services.

This follows the discovery that Equifax, which announced that it had suffered a breach that put the details of 145.5 million Americans at risk, was serving malware from one of its sites.

The contract was announced in the first week of October.

Equifax disclosed the breach of the data of up to 143 million Americans on 7 September. Later it said an additional 2.5 million Americans could be affected.

The IRS said in a statement that during the suspension it would continue reviewing the systems and security at Equifax.

"There is still no indication of any compromise of the limited IRS data shared under the contract," the agency said.

The awarding of the contract was questioned by Senators Ben Sasse (Republican, Nebraska) and Elizabeth Warren (Democrat, Massachusetts) in a letter sent to the IRS commissioner.

Equifax denied that it was serving malware from any part of its website and blamed a third-party vendor.

"Despite early media reports, Equifax can confirm that its systems were not compromised and that the reported issue did not affect out consumer online dispute portal," the company said in a statement.

"The issue involves a third-party vendor that Equifax uses to collect website performance data. That vendor's code running on an Equifax website was serving malicious content.

"Since we learned of the issue, the vendor's code was removed from the Web page, and we have taken the Web page offline to conduct further analysis."


Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips



Ransomware is a type of malware that blocks access to your files and systems until you pay a ransom.

The first example of ransomware happened on September 5, 2013, when Cryptolocker was unleashed.

It quickly affected many systems with hackers requiring users to pay money for the decryption keys.

Find out how one company used backup and cloud storage software to protect their company’s PCs and recovered all of their systems after a ransomware strike.


Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.


Popular News