Senators call for more actions from Equifax in wake of hack


As former Equifax Chief Executive Richard Smith appeared Wednesday for the second of three Congressional hearings this week, senators called for the company to do more to make amends to almost 146 million Americans affected by a massive hacking incident.

The suggestions ranged from calls for Equifax to take more legal and financial responsibility for the likely harm to consumers, to demands that the company pay big fines for allowing the hack to happen.

Some lawmakers said Congress also needs to draft stronger legislation to require companies to tell consumers sooner after hacking attacks occur, and to require tougher data security standards.

Smith, who stepped down last week from Equifax, also had a suggestion. Businesses, academics and the federal government, he said, need to come up with a better universal identifier than Social Security numbers — some of the key information stolen.

“I look forward to being part of that dialog,” he said early in the hearing, which followed Tuesday’s appearance before House lawmakers.

Then the fireworks began.

Equifax has made much of its revenue from fraud protection products that will now be needed more than ever because of the giant data theft, said Sen. Ben Sasse, R-Neb.

“It feels like a broken windows business model,” he said, in which the company profits from damage it had a role in causing, he said. “You provided the bricks.”

“Senior executives like you should be held personally accountable,” Massachusetts Senator Elizabeth Warren told Smith, the sole witness at the hearing before the Senate Banking, Housing and Urban Affairs Committee. Equifax should face “severe financial penalties,” she said.

Stock sales by three top Equifax executives and a recently renewed contract with the IRS to provide fraud prevention services also drew the ire of several senators.

“They should give the money back,” Sen. Heidi Heitkamp, D-N.D., said of the roughly $655,000 in losses that the three executives avoided by selling stock before Equifax disclosed the breach, sending its stock plunging.

Likewise, she called on Equifax to back away from the recently renewed $7.25 million contract with the IRS to provide fraud prevention and taxpayer identification services to the IRS, according to media reports.

“Many times it’s the symbolic acts” that matter, said Heitkamp. “My advice to you is to do some things that are very, very visible, and that’s two things you could do.”

Equifax had disclosed on Sept. 7, along with the hacking incident, that three of its top executives, including its chief financial officer, had sold $1.8 million worth of company stock. The sales occurred on Aug. 1 and Aug. 2, days after the company first discovered signs of a serious hacking incident. The public disclosure came more than a month later, raising suspicions of illegal insider trading.

Equifax has said the executives had no knowledge of the breach at the time they sold stock.

Smith said in hearings Tuesday and Wednesday that the company didn’t know at the time that hackers had stolen large amounts of data, including millions of folks’ Social Security numbers and other sensitive information.

But some senators weren’t buying it.

Under questioning, Smith said that Equifax’s chief lawyer was first notified of “suspicious activity” by hackers on Aug. 2. The chief attorney approved the executives’ stock sales on Aug. 1 and Aug. 2.

Smith also said that on Aug. 2, Equifax officials and a big Atlanta law firm working for the company, King & Spalding, had notified the FBI of the breach on Aug. 2, the same day as some of the executives’ stock sales.

Equifax had detected the activity on July 29 and shut down a web portal hackers had broken into on July 31, according to a timeline in Smith’s prepared testimony before the hearings.

But Smith said "millions" of hacking attempts occur at Equifax every year, and that the company didn't know by Aug. 2 that a theft of personal data had actually occurred.

“To the best of my knowledge, they had no knowledge,” Smith said of the executives.

After the data theft was disclosed to the public more than a month later, Equifax’s stock dropped about 36 percent, wiping out more than $6 billion of the value of investors’ stake in the company.

“This really stinks. It smells really bad. And I guess smelling bad isn’t a crime,” said Sen. Raymond “Jon” Tester, D-Mont.

Heitkamp wanted to know how often Equifax notified the FBI after detecting suspicious activity.

“I don’t know that information,” said Smith, adding that he would ask the company to look into it.

Warren lambasted Equifax for a history of past hacking incidents that she said have allowed the company to profit from selling fraud-prevention and related products to consumers.

“The whole thing is staggering,” said Warren, the Democratic senator from Massachusetts, who is often a critic of financial institutions. Equifax “should have the best security in the nation, and it has the worst,” she said.

She asked Smith if fraud is more likely now as a result of the most recent hacking incident.

“Senator, yes it is,” Smith answered.

So, Warren asked, it has created a “business opportunity” for Equifax to sell fraud protection products to consumers?

Smith said the “best thing’ for consumers to do is sign up for Equifax’s free credit monitoring and credit freeze products it offered after disclosing the data breach.

Equifax “is making millions of dollars on its own screw-up,” said Warren. “From 2013 to today, Equifax has disclosed at least four different hacks.” She asked if Equifax’s profits increased during that period.

“Yes, it did,” Smith answered.

By about 80 percent, Warren added. “The incentives in this industry are completely out of whack,” she said.

Consumers and businesses will be harmed by the fallout from Equifax’s data breach, she added, but “Equifax will be just fine. In fact, it could come out ahead.”

MYAJC.COM: REAL JOURNALISM. REAL LOCAL IMPACT.

AJC Business reporter Russell Grantham keeps you updated on the latest news about major companies, CEOs and public utilities in metro Atlanta and beyond. You'll find more on myAJC.com, including these stories:

Never miss a minute of what's happening in local business news. Subscribe to myAJC.com.



Reader Comments ...


Next Up in Business

The Justice Department is suing AT&T to block its $85 billion bid for Time Warner
The Justice Department is suing AT&T to block its $85 billion bid for Time Warner

The Department of Justice is suing to block AT&T's $85 billion bid for entertainment conglomerate Time Warner, setting the stage for one of the biggest antitrust cases to hit Washington in decades. The suit is fraught with legal and political risks for both sides. Several Democrats have expressed concern that antitrust officials could be seeking to...
Business stories of the week: Amazon, 2018 priorities, Phipps Plaza
Business stories of the week: Amazon, 2018 priorities, Phipps Plaza

The week had no shortage of business headlines among Atlanta area companies – or perhaps companies that want to become Atlanta area companies. From the Amazon second headquarters search to major development projects, here are some of the big business headlines you might have missed from the past week. Georgia and Atlanta area economic development...
More job cuts coming to Atlanta as part of Coca-Cola restructuring
More job cuts coming to Atlanta as part of Coca-Cola restructuring

Atlanta-based Coca-Cola plans to cut an additional 179 jobs in its hometown as part of a broader restructuring the beverage giant announced earlier this year. In filings with the Georgia Department of Economic Development’s Workforce Division, Coke identified layoffs at three corporate offices in the city effective by the end of December...
Atlanta’s Phipps Plaza makeover plan shifts into overdrive
Atlanta’s Phipps Plaza makeover plan shifts into overdrive

The reinvention of Phipps Plaza into a mixed-use entertainment and shopping complex has been in the works for more than a decade. But the announcement Tuesday of a $200 million-plus expansion, including a flagship Nobu hotel and restaurant, will take that the makeover to a new level, officials with mall owner Simon hope. In Nobu, Phipps will add...
4 of the best ways to turn your home into a cash cow
4 of the best ways to turn your home into a cash cow

Your house is a large expense with many associated costs like a mortgage payment, insurance, maintenance and more. It provides a roof over your head, of course, but since it usually costs you money each month, why not put it to work for you and earn some cash in the process? The following are four ways your house can make you money: If you're planning...
More Stories