EQUIFAX IN THE HOT SEAT
U.S. Congressional panel grills former CEO Richard Smith over data breach that affected 145 million consumers,
“As we all painfully learned, data security is a national security problem.” RICHARD SMITH FORMER EQUIFAX CEO
WASHINGTON— House Republicans and Democrats on Tuesday lashed out at the former head of Equifax, demanding answers for the massive data breach that compromised the sensitive personal information of an estimated 145 million Americans.
Rep. Frank Pallone said that if Equifax wants to stay in business, its entire corporate culture needs to change to one that values security and transparency.
“We want answers for consumers because Equifax’s response to this breach has been unacceptable,” said Pallone, the top Democrat of the House Energy and Commerce Committee.
Republican Rep. Greg Walden of Oregon, the committee’s chairperson, said the hearing was necessary to do something that Equifax has failed to do in recent months: “Put Americans first.”
Former Equifax chairperson and CEO Richard Smith testified before a House panel, the first of four hearings on Capitol Hill this week as Congress examines what went wrong. Smith was the only witness at the hearing. No current Equifax employee testified.
The sessions typically turn into a public shaming, and this year, the Republican-led Congress has worked to ease government regulations on businesses.
“Equifax deserves to be shamed in this hearing. But we should also ask what Congress has done — or failed to do — to stop data breaches from occurring,” Rep. Jan Schakowsky said.
The revelation last month of the disastrous hack to Equifax’s computer system rocked the company which faces several state and federal inquiries and several class-action lawsuits. Smith said the company was co-operating with the FBI and state agencies.
Smith attributed the breach to human error and technological error, and said both errors have been addressed.
He also told the panel that when he first learned of the breach on July 31, company officials did not realize that personal information about consumers had been stolen. He described suspicious activity against the company’s database as routine. The public was notified of the breach on Sept. 7.
“As we all painfully learned, data security is a national security problem,” Smith said.
He said no single company can solve the problem on its own and said a system was needed that would let consumers control access to their personal data.
“Let me close by saying how sorry I am for the breach,” Smith said.
Smith, who resigned after overseeing the company for a dozen years, says Equifax was hacked by a yetunknown entity. He said the information stolen included names, social security numbers, birth dates and addresses.
In addition, the credit card information for about 209,000 consumers was also stolen as well as certain documents with personally identifying information for approximately 182,000 consumers.
Smith said he was disappointed in the rollout of call centres and a website designed to help the people affected by the breach. He said the company has increased its number of customer service representatives and the website has been improved.