October 13, 2017 by

IRS Suspends Equifax Contract after Data Breach

The IRS has reportedly suspended the $7.2 million no-bid contract awarded to Equifax to verify the identity of taxpayers when they create accounts on the website.

According to Politico, the IRS has announced a short-term suspension of its contract with Equifax. The suspension means taxpayers will no longer be able to establish new accounts through ‘Secure Access’ a program which grants them access to online records and transcripts. Taxpayers who already have accounts will not be affected.

The suspension comes just over a month after Equifax disclosed a major data breach wherein hackers stole the personal information of over 145 million U.S. consumers. The breach resulted in Equifax leaking data including social security numbers, birth dates and other personally identifiable information of nearly half the U.S. population.

The IRS is reportedly planning to continue reviewing the security of Equifax’s framework and systems throughout the suspension. The suspension comes despite the IRS previously stating its ‘hands were tied’ with no choice but to keep its contract with Equifax.

Agency spokesman Matthew Leas stated:

The IRS emphasized that there is still no indication of any compromise of the limited IRS data shared under the contract. The contract suspension is being taken as a precautionary step as the IRS continues its review.

Equifax is under fire again after a security analyst discovered the website was serving up malware by redirecting users to a malicious page. However, Equifax insists that its systems were not compromised and blamed the issue ona third-party vendor.

“Equifax can confirm that its systems were not compromised and that the reported issue did not affect our consumer online dispute portal,” a spokesperson for the credit reporting agency said in a statement. “The issue involves a third-party vendor that Equifax uses to collect website performance data, and that vendor’s code running on an Equifax website was serving malicious content. Since we learned of the issue, the vendor’s code was removed from the webpage and we have taken the webpage offline to conduct further analysis.”

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Snapchat Phishing Attack Swipes Credentials of Over 50,000 USers

Details have emerged on a phishing attack which saw hackers steal the credentials of over 50,000...

Read more arrow_forward

$3 Million in Cryptocurrency: Hackers Pull Off “One of Biggest Mining Operations” Ever

Hackers targeting the servers of popular open source Java-based automation program Jenkins CI have...

Read more arrow_forward

Cyberattacks Cost Up to $109 Billion in 2016: White House Report

In a report on Friday, the White House Council of Economic Advisers estimated that malicious cyber...

Read more arrow_forward