Congress Grills Equifax Ex-CEO on Breach

Jon Howard
October 5, 2017

"It appears that the breach occurred because of both human error and technology failures", former CEO Richard Smith said in written testimony released on Monday by the Energy and Commerce Committee. In addition to the hearings, the hack has prompted state attorneys general and several federal agencies to examine the data breach and the company's response.

One of the problems is that not all of Equifax's large team may have been professionals, including the leaders.

"We experience millions of suspicious potential attacks each year", Smith said.

As part of its offering, LifeLock purchases credit monitoring services from Equifax, according to SEC filings Warren and her staff reviewed.

It was the second congressional hearing in as many days where Smith has attempted to explain the scandal that occurred at one of the three main credit reporting companies. Credit freezes-which have been widely recommended in the wake of the Equifax breach as a way to prevent identity theft-typically cost between $3 and $10, and fees are also charged anytime a customer wants to lift or reinstate a freeze.

"Until we get those answers, Equifax should not be rewarded for reckless data protection with a $US7.25 ($9) million IRS contract".

The company has said that it believes that hackers accessed Equifax Canada's systems through a consumer website application intended for use by USA consumers.

Mark Salling Cops Plea in Child Porn Case
While initially facing a 20-year jail term, TMZ reported that prosecutors were seeking a sentence of between four and seven years. The celebrity was arrested for possession of child pornography in late December 2015.

In July, after the IRS chose to replace Equifax with another company's successful bid, Equifax challenged the procurement. "The scale of this hack was enormous and we struggled with the initial effort to meet the challenges that effective remediation posed", Smith said.

"When companies like Equifax mess up, senior executives like you should be held personally accountable and the company should pay mandatory and severe financial penalties for every consumer record that's stolen", Warren said.

White House Cybersecurity Coordinator Rob Joyce said Wednesday that using a person's Social Security number as an identifier or access control is "just a horrific idea".

ATLANTA-Months after hackers gained access to the personal data of millions of American, Canadian and U.K consumers through Equifax's website, the company disclosed the massive cyberattack to the public.

Smith offered a timeline of what went wrong, saying the Department of Homeland Security warned the company on March 8 about the need to patch a particular vulnerability in software used by Equifax and other businesses. Congress must pass legislation to protect consumers by setting a better standard for public disclosure over security breaches, requiring improved protection of sensitive information, and strengthening oversight of credit bureaus like Equifax and the others. "I take full responsibility", he said.

Kelly's role in approving the stock sales-which Smith said was a company requirement before executive shares could be sold-prompted Rep.

Other reports by PlayStation Move reviews

Discuss This Article

FOLLOW OUR NEWSPAPER