Former Equifax CEO apologizes for hack

Former Equifax CEO apologizes for hack

Former Equifax CEO apologizes for hack

On Monday, the credit rating company updated the number of Americans potentially affected by the release of personal information by 3 million - to 146 million people.

- Former Equifax CEO Richard Smith told USA lawmakers on October 3 that he was "deeply sorry" for a cyber hack that was thought to have exposed personal information for 143 million customers.

Some members of Congress have already called for a change to regulation ahead of grilling former Equifax CEO Richard Smith at four separate hearings scheduled for this week. A full response began on August 2, including contacting the FBI, Smith said.

"I have no indications that they had any knowledge of the breach at the time they made the sale", he said.

The package includes free monitoring of consumer credit across all three bureaus, access to Equifax credit files, a free insurance policy to cover out-of-pocket costs associated with identity theft, and a dark web scans for consumers' Social Security numbers.

Credit reporting agency Equifax announced on October 2 that the forensic investigation of its data breach has revealed that an additional 2.5 million Americans were impacted.

Smith said one reason for the delay was that experts had told company executives that notifying the public "would provoke "copycat attempts" and other criminal activity".

"The human error was the individual who is responsible for communicating in the organisation to apply the patch, did not", Smith told the subcommittee at around the 1:05:15 mark in the video below.

A scanning mechanism that was meant to search Equifax's system and identify if the exploit was still present also failed to identify the vulnerability, which left the company vulnerable and allowed the breach to occur.

Equifax faces several state and federal inquiries and class-action lawsuits as a result of the breach.

Equifax was alerted to a software security vulnerability back in March, but failed to patch it properly for months, Reuters reports.

Representative Joe Barton, a Texas Republican, said he wants a federal law that would penalise companies in the event of attacks.

Blumenauer said the news of the Equifax breach was public in early September, giving the agency time to re-evaluate its decision.

The news follows the security firm's bungling of promoting a consumer help website,, where people could check to see if their personal information had been stolen.

I'd like to offer some advice to Equifax: Please stop telling us stuff is safe now. "Companies like Equifax need more accountability, not less", said Schakowsky, an Illinois Democrat. And, he asked, why was it that a software scanner never detected that the vulnerability went unfixed?

There are still more hearings to come - tomorrow company execs will speak with the Senate Banking committee, on Thursday they'll meet with the House Financial Services committee.

It added 2.5 million Americans to those affected by the massive security breach of its systems, bringing the total to 145.5 million people who had their personal information accessed or stolen.

Related news

[an error occurred while processing the directive]