Still reeling from a double data breach and accusations of insider trading, the New York Times now reports that Equifax's latest problem comes via a software engineer who created a phony copy of its website about the data intrusion—which the company then included in a series of tweets. Nick Sweeting says he worked up securityequifax2017.com (a flip of the company's equifaxsecurity2017.com) to expose how easy it would be for phishers to make a copycat site. "Their site is dangerously easy to impersonate," he says. Sweeting took pics of some of the now-deleted Equifax tweets, which started around Sept. 9 and went through at least Sept. 19, per Gizmodo. The company's critical error, per cybersecurity experts who spoke to the Times: It created an entirely new site instead of a subdomain of Equifax.com, making the company's site more vulnerable to phishing.
Sweeting, who explains he was able to easily download the contents of Equifax's site using a Linux command, says his site got about 2,000 hits before getting the Twitter push, though he adds he built the site to not store consumer info, per CNN. He also made sure there was a large headline on the site alerting everyone it was fake. He says it cost him just $10 and 20 minutes of his time to create it. As for the person named "Tim" who tweeted out the wrong URL (who Sweeting thinks probably just Googled for the site address and picked up the wrong one), Sweeting doesn't think he should be harshly disciplined: "The real blame lies with the people who originally decided to set the site up badly." Equifax has apologized for the erroneous tweets, but hasn't yet commented on the domain's setup. (Meanwhile, it was revealed the company's ex-security chief has a degree in … music composition.)