October 13, 2017 by

IRS Suspends Equifax Contract after Data Breach

The IRS has reportedly suspended the $7.2 million no-bid contract awarded to Equifax to verify the identity of taxpayers when they create accounts on the website.

According to Politico, the IRS has announced a short-term suspension of its contract with Equifax. The suspension means taxpayers will no longer be able to establish new accounts through ‘Secure Access’ a program which grants them access to online records and transcripts. Taxpayers who already have accounts will not be affected.

The suspension comes just over a month after Equifax disclosed a major data breach wherein hackers stole the personal information of over 145 million U.S. consumers. The breach resulted in Equifax leaking data including social security numbers, birth dates and other personally identifiable information of nearly half the U.S. population.

The IRS is reportedly planning to continue reviewing the security of Equifax’s framework and systems throughout the suspension. The suspension comes despite the IRS previously stating its ‘hands were tied’ with no choice but to keep its contract with Equifax.

Agency spokesman Matthew Leas stated:

The IRS emphasized that there is still no indication of any compromise of the limited IRS data shared under the contract. The contract suspension is being taken as a precautionary step as the IRS continues its review.

Equifax is under fire again after a security analyst discovered the website was serving up malware by redirecting users to a malicious page. However, Equifax insists that its systems were not compromised and blamed the issue ona third-party vendor.

“Equifax can confirm that its systems were not compromised and that the reported issue did not affect our consumer online dispute portal,” a spokesperson for the credit reporting agency said in a statement. “The issue involves a third-party vendor that Equifax uses to collect website performance data, and that vendor’s code running on an Equifax website was serving malicious content. Since we learned of the issue, the vendor’s code was removed from the webpage and we have taken the webpage offline to conduct further analysis.”

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

New Ransomware ‘Spider’ Threatens Wipeout in 96 Hours

A new strain of ransomware discovered by security researchers encrypts files and gives victims a...

Read more arrow_forward

Security Researchers Discover Trove of 1.4 Billion Credentials

Security researchers at dark web monitoring firm 4iQ have stumbled upon a massive 41GB data file of...

Read more arrow_forward

Gartner Research: Cybersecurity Spending to Hit $96 Billion in 2018

Gartner has predicted worldwide security spending to increase by 8% in 2018 to hit a staggering $96...

Read more arrow_forward