|
Key U.S. senators demand answers on
Equifax hacking
Send a link to a friend
 [September 12, 2017]
By David Shepardson and Dustin Volz
WASHINGTON (Reuters) - Two key U.S.
senators on Monday asked Equifax Inc <EFX.N> to answer detailed
questions about a breach of information affecting up to 143 million
Americans, including whether U.S. government agency records were
compromised in the hack.
Senator Orrin Hatch, who chairs the Finance Committee, and ranking
Democrat Ron Wyden, also demanded that Equifax Chief Executive Rick
Smith provide a timeline of the breach and its discovery. They asked for
information on when authorities and the company's board were notified
and when three executives who sold stock in the company in August were
first told of the data breach.
Equifax did not immediately respond to a request for comment on the
letter. It came amid mounting scrutiny of the company's response to the
breach from lawmakers, regulators and security experts, prompting the
credit-monitoring services to issue an apology on Friday and pledge to
dedicate more resources to helping affected consumers.
"The scope and scale of this breach appears to make it one of the
largest on record, and the sensitivity of the information compromised
may make it the most costly to taxpayers and consumers," the letter
said.
Equifax announced last week that it learned on July 29 that hackers had
infiltrated its systems in mid-May, pilfering names, birthdays,
addresses and Social Security and driver’s license numbers. Cyber
security experts said it was among the largest data hacks ever recorded
and was particularly troubling due to the richness of the information
exposed.
Three days after Equifax discovered the breach, three top Equifax
executives, including Chief Financial Officer John Gamble and a
president of a unit, sold Equifax shares or exercised options to dispose
of stock worth about $1.8 million, regulatory filings show.
[to top of second column] |
Credit reporting company Equifax Inc. corporate offices are pictured
in Atlanta, Georgia, U.S., September 8, 2017. REUTERS/Tami Chappell
Equifax said in a statement last week that the executives were not
aware that an intrusion had occurred when they sold their shares.
Hatch and Wyden asked Smith to respond by Sept. 28. Other
congressional committees have announced plans to hold hearings
investigating the Equifax breach and want answers.
The senators want to know if Equifax has a chief information
security officer and over the past two years "how many times has
Equifax employed third-party cyber security experts to conduct
penetration tests of its internal and external systems?" The
senators want copies of all Equifax penetration test and audit
reports by outside cyber security firms.
Separately, a group of 20 Democratic senators asked Equifax to end
its use of forced arbitration agreements, which limit the ability of
consumers to pursue claims, and not to lobby to reverse a new rule
from the Consumer Financial Protection Bureau to limit the use of
forced arbitration in the financial services sector.
(Reporting by Dustin Volz and David Shepardson; Editing by Andrew
Hay and Jonathan Oatis)
[© 2017 Thomson Reuters. All rights
reserved.]
Copyright 2017 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
 |
