Last month, Equifax disclosed that it had sensitive information from 145.5 million people compromised, leading to multiple investigations and a Justice Department probe. To serve the adware up to visitors, the hackers appear to have redirected them from Equifax's site to shady web pages that host the malicious software.
The security analyst, identified as Randy Abrams, accessed Equifax's website to report some false information on his credit report, according to Ars Technica.
Once clicked, the phony Flash reportedly downloads adware onto the user's computer that fills their internet browser with ads.
Anyone impacted by the breach is now at risk of identity theft and fraud - as any piece of this personal information can be used by, or sold to, criminals who can use it to open credit cards, take out loans, make purchases in your name - or even drain your bank accounts.
Equifax shares dropped as much as 3.5 percent Thursday after it said it has disabled one of its customer help online pages and is investigating another possible cyberbreach.
Equifax - whose multimillionaire CEO made a decision to set sail from the company weeks after the announcement that, under his watch, the information of 143 million Americans was obtained by hackers - was sending visitors of its website to the completely bogus software update.
A number of executives have left the company since then, including CEO Richard Smith.
Boy Found Safe, Three Others Found Dead In Southern Ohio Home
The Ohio Attorney General's Office has canceled the Endangered Missing Child Advisory for an 8-year-old child in southern Ohio. Three adults inside were found dead from apparent gunshot wounds, according to a news release from Sheriff Jeff Lawless.