Slashdot Mirror

← Back to Stories (view on slashdot.org)

IRS Suspends $7 Million Contract With Equifax After Malware Discovered (cbsnews.com)

Posted by BeauHD on from the series-of-unfortunate-events dept.

After malware was discovered on Equifax's website again, the IRS decided late Thursday that it would temporarily suspend the agency's $7.1 million data security contract with the company. CBS News reports: In September, Equifax revealed that it had exposed 143 million consumer files -- containing names, addresses, Social Security numbers and even bank account information -- to hackers in an unprecedented security lapse. The number of consumer potentially affect by the data breach was later raised to 145.5 million. The company's former CEO blamed a single careless employee for the entire snafu. But even as he was getting grilled in Congress earlier this month, the IRS was awarding the company with a no-bid contract to provide "fraud prevention and taxpayer identification services." "Following new information available today, the IRS temporarily suspended its short-term contract with Equifax for identity proofing services," the agency said in a statement. "During this suspension, the IRS will continue its review of Equifax systems and security." The agency does not believe that any data the IRS has shared with Equifax to date has been compromised, but the suspension was taken as "a precautionary step."

13 of 50 comments (clear)

  1. Yay! by thegreatbob · · Score: 3, Insightful

    Better late than never. I can't help but feel that, somehow, some sort of future disaster was just narrowly averted.

    --
    There is no XUL, only WebExtensions...
  2. EquiFax Unresponsive by pubwvj · · Score: 3, Interesting

    Equifax.com's server gives an error 500 when I try and contact them through their website. Is this them blocking people or simply more incompetence on their part?

    1. Re:EquiFax Unresponsive by ToTheStars · · Score: 2

      This may be them taking their website offline after it was hijacked to serve up malicious Flash updates (for double exploit fun).

  3. Again? by Mike+Van+Pelt · · Score: 2

    I'll take "Things that make my brain hurt" for $2000, Alex.

  4. $7.1 million is a rounding error for Equifax by rmdingler · · Score: 2

    Equifax was careless with the information of hundreds of millions of people It's trebly sad they are in the personal information protection business, but as we've learned, pretty much everybody is seemingly careless with the information of others.

    But. Malware is still being delivered on their site? I know that Einstein said only the universe and stupidity are infinite, and he's not sure about the universe, but isn't it plausible these breaches have entered the realm of corporate espionage?

    Experian and Lifelock, et al. seem to be benefiting quite largely from Equifax's misfortune.

    --
    Happiness in intelligent people is the rarest thing I know.

    Ernest Hemingway

    1. Re:$7.1 million is a rounding error for Equifax by mhkohne · · Score: 3, Interesting

      Yea, $7.1 mil IS small for them. Which means that contract wasn't about that contract, but rather about getting a foot in the door for more work in the future. So while the loss of that contract is almost irrelevant, the near-future potential that goes with it is probably quite a bit more.

      --
      A thousand pounds of wood moving at 300 feet per minute. Don't get in the way.
    2. Re:$7.1 million is a rounding error for Equifax by ninjaz · · Score: 3, Interesting

      It's certainly possible, but after the emails that came out showing that they made a special effort to run off anyone who was competent and conscientious, it's more plausible that they actually just suck that much.

      It is hard to imagine them being able to instantly become competent after so much effort was put into warding off competence.

  5. Second chance, really? by markdavis · · Score: 4, Insightful

    So it takes a SECOND breech before they decide to suspend the contract? If they have the option to suspend it now, why didn't they do it before? I think this speaks volumes about the competence of the IRS.

    How about we move to a simple flat tax with no loopholes, which would dismantle 80% of the IRS and either pass the savings onto the taxpayers or use the savings to start paying off the 20 TRILLION DOLLAR national debt?

    Even they admit they directly spend over 12 BILLION dollars a year, which goes up every year! Yet that doesn't include what it costs businesses and individuals to COMPLY with the insanely complicated tax codes. That compliance is estimated to cost the USA economy an additional $409 BILLION dollars every year. Wow, that works out to $3,500 dollars for every tax payer in the country, every year.

    https://taxfoundation.org/comp...

    https://www.usatoday.com/story...

    http://www.usdebtclock.org/

    https://fairtax.org/index

    1. Re:Second chance, really? by whoever57 · · Score: 3, Insightful

      Because "flat tax" really means "tax increase for the poor, tax cut for the wealthy".

      It's also not as simple as people would like to think. You run a business, what's a legitimate expense and what isn't? The costs of compliance (which are probably exaggerated by the site you linked to) are not going to be zero with a flat tax.

      "The Tax Foundation is funded by private donations from members, corporate donations, and donations from charitable foundation such as the Koch Foundation, Earhart Foundation, etc."

      Funded in part by the Koch Brothers. Yes, that's going to have promoting the interests of ordinary Americans as one of its most important goals.

      --
      The real "Libtards" are the Libertarians!
    2. Re:Second chance, really? by ShanghaiBill · · Score: 2

      How about we move to a simple flat tax

      A "flat tax" does nothing to make taxes less complex. 99.999% of the complexity is determining "what is income", not the single percentage calculation at the end.

      with no loopholes

      Please give us your clear, concise, and universally accepted distinction between a "loophole" and a "legitimate business expense".

    3. Re:Second chance, really? by ShanghaiBill · · Score: 2

      No write offs, thus "legitimate business expenses" don't matter.

      You just put 99% of companies out of business. They can't deduct payroll? Or cost of supplies? Cost of utilities? Now, the standard response is that, of course, they can deduct THOSE expenses, because they are LEGITIMATE. But then what about advertising expenses? R&D? Depreciation? Interest? Etc? Etc?

  6. the buck doesn't stop THERE by v1 · · Score: 2

    The company's former CEO blamed a single careless employee for the entire snafu.

    A "single employe" shouldn't be able to pull this off. If they can, then the problem isn't with the employee, it's with the process the employee is working within. If your company is set up where a single peon can ruin your business, it's past time for a come-to-jesus meeting with management.

    --
    I work for the Department of Redundancy Department.
  7. Bad link in summary by myid · · Score: 4, Informative

    The summary for this article contains a dead link labeled "discovered".

    Yesterday, Slashdot had these two articles:
    First at 11:21 AM, this first article.
    Then at 12:39 PM, this second article.

    Apparently Slashdot removed the second of those two articles, since the second one was pretty much a duplicate of the first. But Google cached it, and the cached article is here.

    So now you know where to look, to read the "discovered" article that the summary references.