This bit of news is not going to make folks hit by that massive Equifax hack feel any better. Over 148 million social security numbers along with addresses, IDs, and other pertinent data were exposed to criminals due to a big flaw in the security. You can click here to read about the breach.
The company set up a site where you could check to see if you’d been affected and to sign up for free credit monitoring. According to experts, that site has a whole lot of problems, too.
The company has already been criticized for setting up the help site at another domain, requiring users to enter six digits of their Social Security number and jump through several hoops to sign up for the monitoring service.
Now, according to ZDNet, the security help site could be easily hacked. A vulnerability in the design makes it easy to set up a fake site and direct users to it with a link that appears to be the actual site.
Researchers have notified Equifax about the problem.
Equifax made some changes in response to earlier complaints about the site. They clarified that customers who enroll in the free ID theft protection for a year will not be carried over into paid protection when it expires and that those who sign up the protection are not giving up their rights to take legal action over the breach.
I’ll keep you up-to-date on the situation as it develops.