The latest claims reveal that after one of the largest data breaches ever, Equifax still may not have learned its lesson about providing proper security for its customers.
Equifax - whose multimillionaire CEO chose to set sail from the company weeks after the announcement that, under his watch, the information of 143 million Americans was obtained by hackers - was sending visitors of its website to the completely bogus software update.
The firm said it took down the link for credit report assistance temporarily "out of an abundance of caution". "When it becomes available or we have more information to share, we will".
The news comes as Equifax Inc. continues to deal with the aftermath of a cyber breach earlier this year which allowed the personal information of 145.5 million Americans, and 8,000 Canadians, to be accessed or stolen. Equifax announced the massive security breach last month. As Ars Technica reports, the issue was brought to light by security analyst Randy Abrams, who discovered that the site's redirects eventually pushed a download that has been flagged for both adware and malware.
On Thursday, an Equifax spokesman told the news website Mic.com that the company's website was hacked and that its IT team had taken down the suspect webpage.
Money expert Clark Howard says rather than waiting on Equifax to get itself together, consumers should be proactive and do what they can to protect themselves from identity fraud. The United States Computer Readiness team detected and disclosed the vulnerability in March, and Equifax "took efforts to identify and to patch any vulnerable systems in the company's IT infrastructure".