The Strategist

US senators need Equifax to explain the hacker attack

09/12/2017 - 14:16

Republican Senator Orrin Hatch and Democratic Senator Ron Wyden asked Equifax to explain a hacking, which resulted in hackers gaining access to personal information of about 143 million Americans. The senators also want to know if the attackers got access to data from the US Human Resources Office.

Tony Webster
Tony Webster
Equifax is also required to disclose information about whether the three top executives who sold part of the company's shares knew about the hacking before the deal. Three of the company's top managers, including its financial director, John Gamble, sold Equifax shares for almost $ 1.8 million within a few days the cyberattacks were discovered.

A representative of Equifax told the Financial Times that none of the three knew about the cyberattack at the time of the transactions, and that they sold only a small fraction of their investments. Chairman of the Committee on Financial Operations of the House of Representatives Jeb Hensarling also called for the hearings in the House of Representatives of the US Congress.

Credit Bureau Equifax Inc., one of the three largest in the United States, reported a massive cybersecurity breach. In turned out that the company’s management knew about the attack already in the end of July 2017. The hackers penetrated the company’s servers even earlier, in May this year, but the presence remained unnoticed until a certain point in time. No details about the attack are reported; it is only known that the attackers compromised a certain web application on the website. The official announcement was issued only recently.

According to Bloomberg, the intruders got access to names of customers, their dates of birth, numbers of insurance policies and driving licenses. In addition, the cyber-fraudsters obtained access to credit card numbers of 209,000 people and a number of documents on claims containing personal data of 182,000 Americans.

Equifax also found that hackers gained access to data from some UK and Canadian residents. The Equifax Credit History Bureau handles the processing and storage of data on performance of loans and borrowings by individuals and legal entities, and also provides credit reports and other related services.

New York Attorney General Eric Schneiderman said last Friday that his office would launch an official investigation into the hacking, adding that more than 8 million New Yorkers were harmed by hackers. The Attorney General of Illinois has also begun an investigation, and more states can follow the suit.

There are already two lawsuits (in Portland, Oregon, and Atlanta, Georgia) filed against the company. They argue that Equifax was negligent in protecting its consumers. The event has become a serious blow to the reputation of the company, whose specialists are hired to protect user data. "You will feel more secure with Equifax, we are the leading provider of data leakage protection services and we serve more than 500 organizations that are experiencing data leakage every day," the company website said.

Investors also showed their displeasure with the hacking, selling shares in the company. As a result, the company's market value fell by more than $ 2 billion.

According to WSJ, Equifax also lobbied for ease of regulation of companies providing credit reporting, in particular, the limitation of legal liability. Equifax also lobbied for issues related to "data security and notification of violations" and "disclosure of information about threats to cybersecurity."