Former Equifax CEO Hit Hard by House Financial Services Over Massive Data Breach
In the hot seat for the fourth time in three days, former CEO Richard Smith was chastised by Democrats and Republicans on the House Financial Services Committee at a Thursday hearing on the theft from Equifax of personally identifiable information on 145.5 million Americans. As in the other hearings (see 1710040039 and 1710030034), committee members pressed Smith, who again apologized and was consistent with answers, about the company's lag in announcing the incident, why the website vulnerability wasn't fixed immediately, the selling of stock by three executives right after Smith was notified of the activity, and problems with rolling out remediation services to affected customers. Rep. Ann Wagner, R-Mo., who chairs the Oversight and Investigations Subcommittee, said she'll be "closely monitoring the additional facts." She's more "disturbed or harsh" than her colleagues because she was a victim of tax identity theft over the past year: "For me, this isn't just another data breach, it is a breach of trust." Smith's status as essentially an unpaid spokesman to deal with the fallout after he retired two weeks ago troubled ranking member Maxine Waters, D-Calif., who said: "Your being here today doesn't do much for us." Rep. Carolyn Maloney, D-N.Y., said she wrote to the other credit reporting agencies, TransUnion and Experian, about their practices to patch vulnerabilities. She said Experian responded that it immediately implemented the patch and its system shuts down automatically if a patch isn't implemented. She asked Smith why Equifax's system didn't work the same, but moved to another question before he could answer fully.