Georgia lawmakers want Equifax probe before sanctions


The Senate’s top Democrat compared Atlanta-based credit bureau Equifax to the beleaguered company Enron on Thursday and called on Equifax’s board and CEO to step aside if they can’t commit to protecting the 143 million Americans whose personal information was compromised in a whopping data breach.

Senate Minority Leader Chuck Schumer, D-NY, called for hearings to look into the matter, demanding that Equifax officials agree to testify before his chamber, as well as the Federal Trade Commission and the Securities and Exchange Commission. He demanded that the company comply with any recommendations arising from the government probes.

Schumer said the company also needed to notify their customers who were hacked, provide credit monitoring for 10 years and remove forced arbitration provisions from their terms of use of credit products. If executives do not agree to those terms, Schumer said, CEO Rick Smith and Equifax’s board of directors should be fired.

Schumer gave Equifax until next week to comply, and compared the credit bureau to Enron, the gigantic energy company that declared bankruptcy in 2001, leaving thousands of employees with no savings because their retirement plans were based on Enron shares.

“To give Equifax a week to implement these things is overly generous to the people who did horrible stuff and then, after it happened, did nothing, virtually nothing that showed that they had remorse,” he said.

Georgia’s congressional delegation also called for answers, but tread cautiously on the matter. Most said it’s too early to pursue some of the prescriptions advocated by Democrats, and said congressional probes should move forward first before lawmakers make any decisions on new cybersecurity laws, regulations or other disciplinary actions.

“If you make those decisions before you investigate, you’re going to do the wrong thing,” said U.S. Sen. Johnny Isakson, R-Ga. “You don’t rush to judgment on Equifax. Equifax has got a lot of explaining to do, but you’ve got to give them the chance to explain before you rush to judgment.”

Representatives for Equifax did not respond to requests for comment.

Rhetoric on Capitol Hill has only grown more heated in the week since Equifax disclosed criminals hacked in to their network and exposed sensitive data, such as Social Security numbers. More than half of the nation’s adult population could be affected.

U.S. Sen. Ron Wyden, D-Ore., introduced a bill he said would guarantee all Americans the use of personal identification numbers to freeze and unfreeze their credit for free to help prevent financial fraud in the wake of the cyberattack.

One senator has called for the jailing of some top executives who traded stock before the breach was made public. Equifax has said it learned of the breach July 29, but representatives said the executives were not aware of the incident when they sold a combined $1.8 million worth of stock in early August.

Consumer lawsuits against Equifax are mounting and federal authorities are also investigating the breach and its culprits.

“Let’s get down to as much of the facts as we can and then let that guide our next actions,” said U.S. Rep. Buddy Carter, R-Pooler.

‘Equifax has got to pay’

Congress and consumer watchdogs have trashed Equifax not only for security lapses that led to the breach but for the bungled response that followed. There have been complaints that the company’s call centers are inadequate, and a website for consumers hit by the breach dispensed conflicting information.

Equifax also took heat for language in the terms of use of credit protection products it offered free for one year to victims. It appeared to force consumers to give up their rights to sue or join class actions. Equifax rescinded that language under pressure.

One of the most critical Georgia lawmakers was Democrat Hank Johnson of Lithonia, who said the hack proved the need for Congress to pass two bills he sponsored earlier this year related to data privacy and forced arbitration.

“I will continue introducing these critical bills — fighting to ensure all consumers have the tools they need to protect themselves from identity theft and have their day in court,” he said.

Many Georgia lawmakers have been boosters of the home state credit bureau in the past. The firm has donated thousands to local lawmakers in recent years. Isakson was by far its biggest recipient in 2016 as he ran for reelection.

Equifax is “a longstanding Georgia company, and we want to make sure that they come out of this standing as tall as possible,” said Atlanta Democrat David Scott. “And the way to do that is to … find out what happened and who’s responsible so that (it has) the confidence of the people.”

Scott and Isakson are members of informal House and Senate financial innovation caucuses or groups of lawmakers who say their purpose is to explore “new and innovative technologies in the payments industry and address issues concerning data security, consumer protection and electronic payments.”

Scott said he’s worried that “our lack of cybersecurity is becoming a very serious national security issue” and that some new rules may be needed to beef up enforcement.

“There’s no question about the fact that Congress needs to act here and learn from all of this,” he said.

Isakson said “failure is not an option” given that tremendous number of people affected.

“We’ve got to make sure that the credit is protected, that the information is protected and the consumers are protected,” he said, “and Equifax has got to pay for the mistake, if in fact they made it.”

Pointing fingers

Equifax and a software company have blamed each other for a glitch that allowed hackers to steal the sensitive data.

Late Wednesday, Equifax said that hackers breached a vulnerable spot in a U.S. website application called Apache Struts.

But Apache Software Foundation said in a statement Thursday that it provided and announced a patch for the software fault on March 7, well before Equifax said the security breach began in mid-May.

“In conclusion, the Equifax data compromise was due to their failure to install the security updates provided in a timely manner,” the foundation said.

The 18-year-old foundation said it is an all-volunteer organization that produced open-source Java applications for government and business users, including Fortune 100 companies.

Analysts had suspected the breach was related to the Apache Struts issue.

“At the end of the day, there’s humans building the software core … and at the end of the day there is always vulnerability,” said Dimitri Sirota, CEO of BigID, a data security firm.

MYAJC.COM: REAL JOURNALISM. REAL LOCAL IMPACT.

AJC Business reporter Russell Grantham keeps you updated on the latest news about major companies, CEOs and public utilities in metro Atlanta and beyond. You'll find more on myAJC.com, including these stories:

Never miss a minute of what's happening in local business news. Subscribe to myAJC.com.



Reader Comments ...


Next Up in Local

Q&A on the News

Q: The president referred to Haiti and certain African countries as “s**thole countries,” and that particular expletive was spoken on national TV networks. Since when can that particular expletive be spoken on television? —Richard H. Siegel, Atlanta A: Federal law prohibits obscene, indecent and profane content from being broadcast...
Police: 4 children shot at park near Florida high school
Police: 4 children shot at park near Florida high school

Four children were shot Sunday at Willows Park near Evans High School, the Orlando Police Department said. Someone called 911 to report that three gunmen shot at a crowd at 3101 Willow Bend Blvd. around 6:15 p.m., police said. Three teenage girls who were shot in the leg were taken to a hospital. Police said a fourth victim went to a hospital later...
ALDI announces opening for DeKalb store — and you can get free stuff
ALDI announces opening for DeKalb store — and you can get free stuff

ALDI, the grocery store chain, is opening its newest metro Atlanta location near Decatur on Feb. 1. Located at 1669 Scott Boulevard, it is part of a $3.4 billion investment plan to expand to 2,500 stores nationwide by the end of 2022. ALDI has more than 1,600 stores in 35 states, the company said. To celebrate the opening there’s a ribbon-cutting...
Get a free Chick-fil-A biscuit at metro Atlanta locations Tuesday
Get a free Chick-fil-A biscuit at metro Atlanta locations Tuesday

Hope you’re hungry. Chick-fil-A is giving away free chicken biscuits Tuesday morning at its metro Atlanta locations. READ | Where to find winter farmers markets in metro Atlanta From the time the chicken restaurant opens its doors until breakfast service ends at 10:30 a.m., you can get a free chicken biscuit, no purchase necessary. You must...
$1.2 million lottery winner bought Fantasy 5 ticket in Jonesboro
$1.2 million lottery winner bought Fantasy 5 ticket in Jonesboro

A Georgia Lottery player is now a millionaire after the Fantasy 5 drawing Saturday, officials said. The winning numbers, 1-22-30-35-37, matched a ticket sold at a QuikTrip in the 8100 block of Tara Boulevard in Jonesboro, spokeswoman Nia Roberts said in a news release.  The ticket’s total prize was $1,260,854 and the winner claimed the jackpot...
More Stories