IRS Contract on Hold After Security Breach on Equifax Website

Technology > Security

Photo via Pixabay


The Internal Revenue Service temporarily suspended its data security contract with Equifax after the malware breach on the credit bureau’s website. Equifax website has been used Thursday morning as the site to spread the Adware.Eorezo to trick customers into downloading fraudulent Adobe Flash updates. Experts were concerned that some consumers who were using the site may have been tricked into downloading the malicious software before it went offline, according to reports.

“Equifax is known publicly to have security breaches, and they are not correcting them. Why are we spending all this money to give our data to a company that has clear problems with the technology?” stressed Barbara Rembiesa, president and CEO of the International Association of IT Asset Managers.

According to security software company Symantec, Adware Eorezo is an adware program that displays advertisements in the Internet Explorer browser with a risk impact level of medium and is currently found in machines running Windows OS. 

It can only be detected by 3 out of 65 antivirus providers and can also affect mobile apps such as Gmail on Android.

“When I clicked it (from Gmail on Android) I was redirected to a spam page shortly after seeing the Equifax credit file form. I thought maybe it was an anomaly because it didn’t happen again,” stated Android user Ars Technica.

Investigations from several federal and state agencies including a criminal probe by the US Department of Justice have been initiated because of the security breach.