The Internal Revenue Service has suspended its $7.25 million contract with Atlanta-based Equifax, the agency announced Friday.
The decision came a day after the company was forced to shut down one of its customer service web sites, a page that had been manipulated by hackers who had apparently placed malicious software on the site.
That hijacking was acknowledged by Equifax after the misuse of the site was reported by tech magazine Ars Technica.
The IRS, no-bid contract was granted to Equifax, “to provide fraud prevention and taxpayer identification services.” The deal was roundly criticized, since it came in the wake of disclosure of the breach in which hackers gained access to information about 145 million people.
An Equifax spokesman confirmed the suspension, saying, “Yesterday, the IRS notified us that they have issued a Stop-Work Order under our Transaction Support for Identity Management contract.”
The company believes that it is still best equipped to perform the services, saying, “We remain confident that we are the best party to perform the services required in this contract. We are engaging IRS officials to review the facts and clarify available options.”
In a prepared statement Friday, the IRS said it suspended the contract as “a precautionary step” while the agency reviews the company’s security systems.
“During this suspension, the IRS will continue its review of Equifax systems and security,” the statement reads. “There is still no indication of any compromise of the limited IRS data shared under the contract.”