"Why in the world should you get a no-bid contract right now?" Sen.
Former Equifax CEO Richard Smith testifying before the House Energy and Commerce subcommittee on Tuesday. "We're engaged with the Federal Bureau of Investigation", he said. This week, former Equifax CEO Richard Smith, who retired in the wake of the breach, is being grilled by lawmakers over the major infiltration and its impact on American consumers. However, Smith said, the system failed to identify any vulnerabilities.
"This is considered a critical service that can not lapse", the IRS explains.
The Equifax data breach that leaked information on the now-145 million people was caused by a vulnerability in Apache's Struts system. The statement confirmed that the renewal was awarded to Equifax to prevent a lapse in service.
"This action was to establish an order for third party data services from Equifax to verify taxpayer identity and to assist in ongoing identity verification and validations needs of the [Internal Revenue] Service".
"Equifax is making money-millions of dollars-off its own screw-up", Warren told Smith during the hearing. He resigned after the breach was announced. Smith will also testify in two other congressional hearings during the week.
But he also sought to play down the severity of the problems that had led to the breach, defended the company's response to the crisis and deflected questions about how far Equifax would go to compensate consumers who were financially harmed.
"A gold mine for hackers should be a digital Fort Knox when it comes to security", Brown said. "Credit reporting agencies need embedded regulators to protect consumers sensitive information".
Lawmakers from both parties said it's time to enact tougher rules for data security.
An Illinois representative said it is "ludicrous" to think those whose personal information was exposed won't be harmed.
Barton said it's time "some teeth" be imposed on the federal level, possibly by requiring credit agencies to pay consumers when their accounts are hacked. But Equifax is offering free credit-monitoring services for one year and will unveil a new service next year allowing consumers to freeze and unfreeze their credit information at no charge for life.
And Smith never properly explained the delay in informing the public and other parts of the bungled response, including inadequate staffing of the call centers that left consumers who called in angry and frustrated.
According to new reports, the number of affected customers has now hit 148 million - meaning that an additional 2.5 million people have been impacted. The company originally reported previous year that 1 billion consumers were affected.
"As soon as we had enough information to begin notification, we took appropriate steps to do so", the company says.