It’s only been a few weeks since credit monitoring giant Equifax announced a landmark cyberattack that compromised the personal data of millions.
The company’s security practices, response time, and management structure have all been called into question following one of the most disastrous hacks of all time. While they’ve tried earnestly to provide answers and deal with the staggering fallout, it appears another attack may have just taken place.
The bureau reported that it had taken down a customer help website after security managers noticed a potential malware attack. A statement was released on the potential hack.
“For several hours on Wednesday, and again early Thursday morning, the site was maliciously manipulated again, this time to deliver fraudulent Adobe Flash updates, which when clicked, infected visitors’ computers with adware that was detected by only three of 65 antivirus providers.”
This attack seems much tamer in comparison to the one before it. The hack that led to a plethora of lawsuits and a government investigation was originally believed to have affected as many as 143 million people. However, a recent summer review of cyber breaches revealed the actual total was closer to 145.5 million.
The original attack was believed to have taken place between May and July, though information wasn’t revealed until roughly a month after the initial discovery was made. The original breach was blamed on a single employee, according to the CEO, who reportedly had the job of applying security updates and detecting threats.
The stability of Equifax’s cybersecurity team has been under heavy scrutiny following the attack. Another one of the company’s managers resigned following the breach, and her LinkedIn profile showed no courses or degrees related to IT or data security. The profile was set to private, and the last name changed to only an initial in the wake of the hack.
Equifax offered free credit freeze services following the attack, caving to public pressure and mounting accusations of negligence.
One of the lawsuits alleges that some of the company’s preventive and protective tools were designed to upsell customers. Given that these solutions were offered when the news of the original hack broke, it added even more problems to a long list – which has since grown.
There were also rumors circulating that Equifax had the solution to their original security breach beforehand, but failed to implement it in a timely manner. A company that handles credit monitoring is a big target for hackers, as it provides social security numbers, credit card data, and more.
Equifax isn’t the only company that has felt the effects of cyber hacks in recent years. Yahoo recently announced that new data showed their 2013 breach was much worse than expected. The hack, which was originally thought to have impacted a third of the company’s user base, is now believed to have affected all users.
Equifax did see its shares drop by about $1.32 after the news of the newest breach reached the market. The same thing happened when the initial leaks were reported, though they rebounded quickly.