After Equifax discovered that one of its vendors was serving up malware, the Internal Revenue Service has, for the time-being, suspended the a more than $7 million contract for security services that it had inked with the credit rating company.
"Following new information available today, the IRS temporarily suspended its short-term contract with Equifax for identity proofing services," the IRS said in a statement, noting that during the interim the agency "will continue its review of Equifax systems and security."
The suspended contract means that the agency can't create Secure Access accounts, although the IRS said current Secure Access users aren't affected.
In the aftermath of a massive breach at Equifax that exposed the data of 145.5 million American consumers, an independent security researcher reported the possibility of a second incident, prompting the company to takedown a webpage.
"Since we learned of the issue, the vendor's code was removed from the webpage and we have taken the webpage offline to conduct further analysis," Equifax said at the time.