#Fail: Equifax Tweet Sends Pwnage Victims To Fake Notification Site

From the “you have got to be kidding” department comes via ARS Technica the news that a tweet from the official Equifax Twitter account is sending people to an apparently fake notification site:

In a tweet on Tuesday afternoon, an Equifax representative using the name Tim wrote: “Hi! For more information about the product and enrollment, please visit: securityequifax2017.com.” The message came in response to a question about free credit monitoring Equifax is offering victims. The site is a knock-off of the official Equifax breach notification site, equifaxsecurity2017.com. A security researcher created the imposter site to demonstrate how easy it is to confuse a legitimate name with a bogus one. The Equifax tweet suggests that even company representatives can be easily fooled. The tweet was deleted late Wednesday morning, more than 18 hours after it went live.

The level of incompetence displayed by Equifax is beyond mind blowing. Clearly the person running their Twitter account wasn’t up to date as to what he should have been posting. But he’s just a symptom of a larger problem. Which is that Equifax is not only incompetent, but they don’t take the security of the personal information that it holds seriously. I hope the politicians and the various agencies in several countries are paying attention so that these clowns get the punishment that they deserve.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: