The IRS has temporarily suspended its $7 million contract with Equifax following reports of new security issues.
The tax agency said late Thursday that it’s putting the deal on hold “as a precautionary step.”
“During this suspension, the IRS will continue its review of Equifax systems and security,” the agency said in a statement, adding that “there is still no indication of any compromise of the limited IRS data shared under the contract.”
Earlier Thursday, Equifax had to take down a webpage after a security analyst said he was targeted with a malicious ad while visiting the site.
The credit monitoring agency is still dealing with fallout from a massive security breach that may have exposed the personal data of up to 145.5 million people.
Senators Ben Sasse, a Republican from Nebraska, and Elizabeth Warren, a Democrat from Massachusetts, raised concerns about the IRS contract last week in a letter to the agency’s commissioner.
“Right now, no businesses or consumers in Massachusetts or Nebraska would blindly trust Equifax to protect against fraud or handle sensitive personal information,” they wrote. “It is surprising that the IRS would choose to do so given its legal obligations to protect Americans’ privacy.”
The agreement, finalized in late September, said Equifax would help the agency with verifying taxpayers’ identities.
“Halting Equifax’s no-bid contract is a no-brainer. I’m pleased that the IRS has temporarily suspended the contract but the 145 million Americans who had their data stolen still need fast and clear answers from Equifax and the IRS,” Sasse said in a statement Friday.
An Equifax spokesperson said that the company is working with IRS officials “to review the facts and clarify available options.”
“We remain confident that we are the best party to perform the services required in this contract,” the spokesperson said.