It’s hacking season, ladies and gentlemen and Equifax is another victim of this breach. Earlier this month, hackers broke into Equifax’s servers and stole millions of customers’ personal information. Ever the superhero, Equifax attempted to remedy the hack by setting up a website designed to verify an affected customer. Sounds like a fool-proof plan, right? Wrong!
Equifax created a site but unfortunately, the credit bureau tweeted the wrong URL, using securityequifax2017.com instead of equifaxsecurity2017.com. This discrepancy further proves the necessity to have more security online, being that the breach-recovery site is not directly a part of Equifax. That’s a fuck up times two! Luckily for Equifax, the phishing site wasn’t working for the dark side.
Nick Sweeting, the developer of the fake phishing site, created it to expose the flaws on Equifax’s response page. Sweeting states that “I made the site because Equifax made a huge mistake by using a domain that doesn’t have any trust attached to it” and continues that “It makes it ridiculously easy for scammers to come in and build clones”.
This latest outcome proves that Equifax and, all websites in general, have some major work to do regarding customer privacy. Get your shit together Equifax.
[Via The Verge]