US

Equifax Tried To Help Customers But Accidentally Sent Them To A Phony Site

[Shutterstock - iunewind]

Daily Caller News Foundation logo
Eric Lieberman Deputy Editor

Equifax, the massive credit assessment company that announced earlier in the month its systems were breached, tried to offer help through its official Twitter account, but reportedly ended up making a grave error.

After a social media user inquired about the particulars for receiving assistance, Equifax tweeted “Hi! For more information about the product and enrollment, please visit: securityequifax2017.com. -Tim,” according to The Verge.

The intended web address was “equifaxsecurity2017.com,” meaning the credit reporting firm inadvertently directed people to a wrong site, which could have had dire consequences.

Fortunately for Equifax, and customers potentially affected by the breach (estimated to be around 143 million), the other URL wasn’t embedded with malware, which could have led to further cyber infiltrations and personal information leaks. Instead, the site was purchased by Nick Sweeting, a software developer, The Verge reports, with the apparent purpose of highlighting Equifax’s mistakes while also ensuring no evil-doers tried to capitalize on the error.

“I made the site because Equifax made a huge mistake by using a domain that doesn’t have any trust attached to it [rather than hosting it on equifax.com],” Sweeting told The Verge. “It makes it ridiculously easy for scammers to come in and build clones — they can buy up dozens of domains, and typo-squat to get people to type in their info.” He added that any data inputted into his site should remain secure due to technical mechanisms he established.

Equifax seemed to make the mistake more than once.

The operator of the company’s Twitter account deleted most, if not all, of the faulty posts soon after it hit the Twittesphere, but many remained live for several hours.

The serious gaffe is just one example of the many blunders, improprieties and embarrassments that have been brought to light since the wide-scale breach was announced.

In fact, as Equifax tried to help consumers through its “www.equifaxsecurity2017.com” website, many people criticized the company for including deep in the fine print the caveat that receiving assistance may in turn legally waive their right to a lawsuit. It also included a similar stipulation in its terms and conditions contract.

New York Attorney General Eric Schneiderman was offended by such legalese, and said at the time of his discovery that he was in contact with Equifax in order to get them to change their policy. Schneiderman, along with Congress, also announced that they will look into the hacking incident in general. (RELATED: ‘Robot Lawyer’ Helping People Sue Equifax With A Few Clicks Of A Button)

Equifax’s problems didn’t just include the massive breach, and it’s ostensibly underhanded tactics to prevent inevitable litigation.

Three high-ranking executives at the corporation sold nearly $1.8 million worth of stock just days after the company detected the large-scale ordeal, according to Bloomberg. Its now-dismissed chief security officer also allegedly had a music composition degree, rather than a formal certificate in computer science, cybersecurity, or something pursuant to protecting virtual systems.

With the latest discovery of Equifax’s improper, almost dangerous online support, it’s clear, as SFGate puts, that the company is “not master of its domain.”

Follow Eric on Twitter

Send tips to eric@dailycallernewsfoundation.org.

Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact licensing@dailycallernewsfoundation.org.