Equifax says its systems were not compromised in the latest cyberbreach scare to hit the firm.

Shares of the credit reporting company sank earlier on Thursday after Equifax said it had disabled one of its customer help online pages and was investigating another possible cyberbreach. They closed down about 1.69 percent.

In a late afternoon email, a spokesman said, “Equifax can confirm that its systems were not compromised and that the reported issue did not affect our consumer online dispute portal.”

Earlier in the day, the consumer credit reporting company said its security teams were looking into another possible breach barely one month after it disclosed a hack that left exposed the personal information of 145.5 million people.

The company said the problem was in its credit report assistance link on its website. “We are aware of the situation,” a spokesman said earlier on Thursday. “Our IT and Security teams are looking into this matter, and out of an abundance of caution have temporarily taken this page offline.”

In its second email confirming it had not found any system compromise, Equifax said, “The issue involves a third-party vendor that Equifax uses to collect website performance data, and that vendor’s code running on an Equifax website was serving malicious content. Since we learned of the issue, the vendor’s code was removed from the webpage and we have taken the webpage offline to conduct further analysis.”

Earlier this month, Equifax said its outside security consultant had concluded an investigation into the breach, which it first detected in July. It identified more than 2 million more people were affected than originally estimated. The hack has led to multiple federal and state investigations and the departure of the company’s 12-year chief executive.

The company has said that it was warned to be prepared for further cyber attacks once word of the giant breach got out.

An independent security analyst told the website Ars Technica that he noticed the latest problem when he went to Equifax’s site on Wednesday and found out visitors were redirected to download a fraudulent software update.

Source link