WASHINGTON — The top Republican and Democrat on the Senate Finance Committee sent a letter Monday to Equifax Chief Executive Richard Smith scrutinizing the breadth of the company's data breach and probing the firm's response.
“The scope and scale of this breach appears to make it one of the largest on record, and the sensitivity of the information compromised may make it the most costly to taxpayers and consumers,” wrote Senate Finance Committee Chairman Orrin Hatch, R-Utah, and the top Democrat on the panel, Sen. Ron Wyden of Oregon.
“To make matters worse, Equifax is a critical partner of the Internal Revenue Service, Centers for Medicare & Medicaid Services, the Social Security Administration and other federal agencies that are the sources and recipients of the some of the most sensitive information affecting individuals, as well as the targets of the vast majority of identity theft fraud against taxpayers,” they added.
The letter asked a series of questions, including how Equifax responded after discovering the breach, when three company executives who unloaded stock between the time the hack was discovered and when it was disclosed, and how the firm is helping consumers whose data has been compromised.
“Are there any technical barriers preventing Equifax from providing consumers the ability to opt out on the equifaxsecurity2017.com site?” the senators asked, referencing the website the company set up to address the hack.
They also asked whether Equifax plans to rely on consumers to visit the website to see if they were hacked or will notify consumers, and what sort of cyberprotections Equifax had in place.
"Please describe the resources that Equifax has focused on its own information security," the letter said.