Attacks/Breaches

10/5/2017
02:30 PM
50%
50%

Equifax Lands $7.25 Million Contract with IRS

The embattled credit monitoring agency will provide taxpayer identification verification and fraud prevention services to the federal tax agency.

Equifax has received a $7.25 million contract from the Internal Revenue Service (IRS) to verify the identities of taxpayers and provide fraud prevention services, according to a Politico report.

The credit monitoring agency, which has been under siege by consumers and legislators since it disclosed its massive breach of sensitive personally identifiable information on up to 145.5 million Americans, was awarded the deal under a no-bid contract on Sept. 30, which marks the end of the fiscal year for the federal government. Equifax disclosed its breach on July 29.

Legislators took the IRS to task for its decision to issue a contract to Equifax. "In the wake of one of the most massive data breaches in a decade, it's irresponsible for the IRS to turn over millions in taxpayer dollars to a company that has yet to offer a succinct answer on how at least 145 million Americans had personally identifiable information exposed," Orrin Hatch, (R-Utah) and Senate Finance chairman, was quoted in Politico.

Read more about the IRS contract here.

 

Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
HowardE668
50%
50%
HowardE668,
User Rank: Apprentice
10/11/2017 | 6:06:44 AM
This story is from The Onion, right?
I'm sure that this story is copied from The Onion, right> 
REISEN1955
100%
0%
REISEN1955,
User Rank: Ninja
10/9/2017 | 3:47:34 PM
Re: Why?
"Government is not the solution to the problem.  Government IS the problem"  --- Ronald Reagan.  This is ample proof that government knows NOTHING.,
djvimaxasli
50%
50%
djvimaxasli,
User Rank: Apprentice
10/8/2017 | 10:05:59 AM
Re: Why?
Informative article, just what I wanted to find.
tcubed
50%
50%
tcubed,
User Rank: Apprentice
10/6/2017 | 10:37:15 AM
Thanks
Our government looking out for us, what could possibly go wrong...
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
10/6/2017 | 7:12:28 AM
Why?
Nothing more be said. 
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8423
PUBLISHED: 2019-02-18
ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/views/events.php filter[Query][terms][0][cnj] parameter.
CVE-2019-8424
PUBLISHED: 2019-02-18
ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter.
CVE-2019-8425
PUBLISHED: 2019-02-18
includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages.
CVE-2019-8426
PUBLISHED: 2019-02-18
skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS via the newControl array, as demonstrated by the newControl[MinTiltRange] parameter.
CVE-2019-8427
PUBLISHED: 2019-02-18
daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters.