Having already leaked the personal information of half the people in the entire United States, you might think things have gotten pretty much as bad as they can get for Equifax.
The firm said it took down the link for credit report assistance temporarily "out of an abundance of caution".
Equifax - the credit-reporting company that exposed the sensitive data of over 140 million people earlier this year - took one of its customer help web pages offline earlier today in response to reports that site was infecting visitors' computers with malware.
"We are aware of the situation identified on the equifax.com website", an Equifax spokesman said in a statement.
October 12, 2017: Equifax confirms it was hacked again, this time with a fake Flash installer application.
The breach led to the retirement of Equifax chief executive Richard Smith, who has remained as a consultant to the company during the investigation.
"Equifax was a portal and probably not directly hacked or compromised", he said.
The breach was first noticed by Randy Abrams, an independent security analyst that had been visiting the site to flag fraudulent activity on his credit report.
In early October, Equifax revised the number of consumers potentially impacted in the breach - bumping up the total in the U.S.to 145.5 million and reducing the number in Canada from an estimated 100,000 to 8,000.
The cyberattack occurred through a vulnerability in an open-source application framework it uses called Apache Struts.
Soon after the report surfaced the company took the web page down.
- With files from The Associated Press.