Equifax Report Referenced at Congressional Hearing

The Senate Committee on Homeland Security and Governmental Affairs has issued a report titled How Equifax Neglected Cybersecurity and Suffered a Devastating Data Breach. It was referenced repeatedly in a March 7 hearing during which Congress members castigated Equifax and Marriot executives for their negligence in failing to prevent security breaches and failure to respond appropriately. Hundreds of millions of consumers were put at risk for identity theft and bank fraud due to the breaches, the largest in U.S. history. Insider-trading charges were brought against two Equifax executives who sold stock before the public was informed about the breach. The committee report noted that one of Equifax’s own audits, conducted in 2015, specifically identified “a backlog of over 8,500 known vulnerabilities that had not been patched.” Lawmakers at the hearing talked about reviving stalled data security legislation that would require companies to better secure consumers’ data and more swiftly communicate with consumers about major cyber attacks.