Equifax said on Thursday that one of its third-party vendors had been running malicious code on one its web pages, but that the credit reporting agency was not the subject of another cyber attack and its systems were not compromised.
Equifax had said earlier it took the affected web page offline “out of an abundance of caution” following a report by the technology news website Ars Technica that the company’s website may have been hacked.
Atlanta-based Equifax disclosed a little over a month ago that cyber criminals had breached its systems between mid-May and late July and stolen the sensitive information of 145.5 million people.
“Equifax can confirm that its systems were not compromised and that the reported issue did not affect our consumer online dispute portal,” spokeswoman Francesca De Girolami said in a statement on Thursday.
“The issue involves a third-party vendor that Equifax uses to collect website performance data, and that vendor’s code running on an Equifax website was serving malicious content.”
The company said it has removed the vendor’s code from the web page, which was taken offline so the company can conduct further analysis.
Get Data Sheet, Fortune’s technology newsletter.
Randy Abrams, an independent security analyst, said he noticed the issue late …read more
Source:: Fortune.com – Tech