(Bloomberg) -- It wasn’t us.
Equifax Inc. said it was a third-party vendor that served malicious content on its website and it has taken the page offline to conduct further analysis.
“Equifax can confirm that its systems were not compromised and that the reported issue did not affect our consumer online dispute portal,” Wyatt Jefferies, a spokesman for Equifax said in an email.
The unidentified third-party vendor was responsible for collecting website performance data and had code running on Equifax’s website, Jefferies said. An independent security analyst found on Thursday that the removed page had been altered to trick visitors into installing malware, according to a report on technology news website Ars Technica.
Equifax shares had dropped as much as 3.6 percent, the most intraday since Sept. 15, after the company said its security team was investigating reports of another possible cyber attack. The company is still reeling from the massive data breach it disclosed last month that compromised the private data of more than 145 million Americans.