Equifax continues work to add new security features and restore full access to The Work Number following a report highlighting potential security vulnerabilities in a browser-based portal of its employment verification service.
The Work Number employee portal was taken offline for servicing on Oct. 8, according to Equifax spokesperson Wyatt Jefferies.
"At that time, we also decided to accelerate the implementation of select security enhancements to our platforms which extended the service outage timeframe," he said in an email.
That's the same day cybersecurity journalist Brian Krebs published a report claiming consumer data stolen in Equifax's massive data breach earlier this year, along with an employer ID obtained from a public Equifax website, could be used to access employment history and salary data collected by The Work Number.
"Effective Oct. 16, 2017, access to The Work Number employee portal is being progressively restored and is expected to be complete over the next several days," Jefferies said.
Equifax declined to answer questions about whether the timing of the portal maintenance or the decision to add new security features were in response to the Krebs report.
The security enhancements are designed to deter unauthorized access to the employee portal.
"As access to the employee portal is restored, individuals must be re-authenticated and establish a unique PIN. Therefore, the data exposed in the cyber incident will not be sufficient to access The Work Number."
Equifax said it is unaware of any fraud related to The Work Number, but declined to answer a question about whether any unauthorized access to the employee portal had occurred.
"We were not and have not been alerted to any fraud event related to The Work Number, nor do we have any evidence that the cybersecurity incident announced on Sept. 7, 2017 impacted The Work Number database," Jefferies said.
The personal information of 145 million consumers was comprised in the Equifax breach, which occurred from May to July and disclosed to the public in September. Equifax maintains its Workforce Solutions division, which includes The Work Number, was not comprised in that incident. (Nor does the Krebs report make that claim.)
"We have found no evidence that the cybersecurity incident impacted Workforce Solutions, including The Work Number payroll data," Jefferies said. "The employee data provided to Workforce Solutions for I-9, Compliance Center, UC, WOTC, Tax Form Management, PPay ACA, and The Work Number databases were not affected."
While The Work Number is used extensively throughout the mortgage industry, it does not appear that the employee portal outage affected integrations between The Work Number and various mortgage technology platforms, including loan origination systems and the automated underwriting systems of Fannie Mae and Freddie Mac.
"It's important to understand that the employee access point for The Work Number is distinctly separate from the verifier access points," Jefferies said. "The Krebs article focused on the authentication measures for the employee portal, and used example screen shots that appear to have been pulled from an outdated training guide and not reflective of the current login process for most employee users. Our protocols continue to evolve over time, and the statement that 'much of the data needed to gain access [to The Work Number] can be found online' is incorrect."