The Internal Revenue Service (IRS) has suspended a contract previously awarded to Equifax following an alleged second data breach, according to a report.
The IRS has faced controversy for awarding Equifax a $7.25 million anti-fraud contract despite the fact that the company was embroiled in a data breach controversy.
According to Politico, Equifax was contracted “to verify the identities of taxpayers when they create accounts on its website,” however their current suspension “means that taxpayers will not be able to establish new accounts through a program called Secure Access, which grants them access to online records and transcripts.”
“The IRS plans to continue reviewing the security of Equifax’s systems during the suspension,” they continued, adding, “The agency had previously said its hands were tied and it had to keep the contract with Equifax.”
Several lawmakers had criticized the IRS’ decision to award Equifax a contract, including Senate Finance Chairman Orrin Hatch (R-UT), Sen. Ron Wyden (D-OR), Rep. Suzan DelBene (D-WA), and Rep. Earl Blumenauer (D-OR), who claimed, “I was initially under the impression that my staff was sharing a copy of the Onion, until I realized this story was, in fact, true.”
In September, it was reported that Equifax had been the victim of a huge cyberattack, which left over 140 million consumers’ personal information vulnerable.
Following the attack, Equifax blamed the incident on a single employee who allegedly failed to implement a patch, despite the fact that, according to Tech Crunch, “a patch for that vulnerability had been available for months before the breach occurred.”
As previously reported:
The company faced further controversy following the discovery that Equifax’s Terms of Service included a clause in their security assistance website which barred consumers from being able to sue the company before they removed it following consumer backlash.
It was also revealed that the company had been encouraging consumers to visit the wrong security website, a fake, which could have easily been used as a phishing scam and taken more information.
This week, it was also reported that Equifax had taken part of its website offline after it was revealed that a page was redirecting users to malware.