Senators hit Equifax's former CEO on stock sales, 'sloppy' security practices

Leigh Mccormick
October 5, 2017

"Both the human deployment of the patch and the scanning deployment did not work", Smith told Congress.

No current Equifax official testified at the hearing held by the Digital Commerce and Consumer Protection subcommittee of the House Energy and Commerce committee.

Newly retired Equifax CEO Richard Smith told House members: "As CEO, I was ultimately responsible for what happened on my watch, ".

The company is offering free credit monitoring and credit freezing for people who are concerned about their data falling into the wrong hands.

Smith says they weren't prepared to deal with so many consumers all at once.

The Internal Revenue Service signed a $7.25 million contract with Equifax last month.

The company at the center of the biggest breach of personal information just signed a contract with the federal government to provide, well, personal information.

The IRS labels Equifax as a "sole source order", which means that the agency believes the credit reporting company is the only business capable of providing the service. The company disseminated that warning by email the next day and requested that applicable personnel install the upgrade. Equifax's staff failed to patch the vulnerability because of a breakdown in communication.

Equifax and other credit rating companies were advised in March by the Department of Homeland Security's Computer Response Readiness Team that certain computer vulnerabilities required patching.

Las Vegas shooter's father was on the FBI's most wanted list
Police said Paddock had no criminal history, aside from a minor citation, so authorities had no information on the suspect. Eric believes their mother was the last one to speak with Stephen Paddock .

Equifax is trying to help consumers while also fixing its security systems, he said.

A Texas Republican, Joe Barton, suggested that companies that allow people's sensitive information to be exposed by a hack should face a fine for each person whose data is stolen.

Kelly's role in approving the stock sales-which Smith said was a company requirement before executive shares could be sold-prompted Rep.

The recently departed CEO of Equifax faces a second round of tough questions on Wednesday from USA politicians eager to hear about what he and company executives knew about the breach - and when. They're men of integrity. "Mr. Smith, it seems to me that you've accomplished something that no one else has been able to accomplish", Rep. Anna Eshoo (D-Calif.) said Tuesday.

"I worry that your job today is about damage control". Equifax since sent out a statement retracting that language and saying consumers could sue, which they have started to do.

"We experience millions of suspicious potential attacks each year", Smith said.

The company is still investigating the implications of the hack on United Kingdom customers. The Mandiant forensic review added nearly 2.5 million to the estimated list of American customers, pushing the total figure up to a massive 145.5 million people altogether.

"The slow rollout and how poor it was done", Costello said.

Other reports by

Discuss This Article