Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

U.S. Politicians Demand Probe of Equifax After Hack

A senior US senator called Wednesday for a federal investigation of credit rating agency Equifax after the company lost the personal data of 143 million customers to hackers.

A senior US senator called Wednesday for a federal investigation of credit rating agency Equifax after the company lost the personal data of 143 million customers to hackers.

Senator Mark Warner asked the Federal Trade Commission, one of the few bodies with oversight powers over loosely-regulated credit raters, to examine Equifax’s security practices and its “widely-panned response” to consumers potentially impacted by the breach. 

Warner, a member of the powerful Senate Banking Committee, accused the company of “exceptionally poor cybersecurity practices” that continued even after the hack became known.

He also said the company’s woeful response to people whose data may have been lost — including trying to charge them for protection — was “alarming”.

“The volume and sensitivity of the data potentially involved in this breach raises serious questions about whether firms like Equifax adequately protect the enormous amounts of sensitive data they gather and commercialize.”

Equifax is one of the three major firms which collect consumers’ financial data in order to rate their credit-worthiness to banks, home sellers, auto sellers and others who depend on consumer credit in marketing.

The data the company admitted to losing on September 7 includes people’s names, social security numbers, addresses, credit card numbers, and other financial details.

Such data is often used by criminals to steal people’s identities for financial gain.

Advertisement. Scroll to continue reading.

Although crucial to the smooth functioning of the US banking industry, credit rating agencies are little regulated, and Warner called for the FTC to take a stronger oversight role.

US officials are investigating the data hack but would not say Wednesday if they knew who was behind it, though foreign hackers are widely suspected. 

The breach took place from mid-May through July 2017 via a website application vulnerability that US cyber security companies say they had identified in March.

Congress has expressed outrage at the hack and the company’s management of it. Particular anger has been aimed at allegations that three Equifax officials sold their stock in the company before the hack was made public.

On Monday Senate Finance Committee  Chairman Orrin Hatch and Ranking Member Ron Wyden called on Equifax to explain the breach and its actions to the committee.

“The scope and scale of this breach appears to make it one of the largest on record, and the sensitivity of the information compromised may make it the most costly to taxpayers and consumers,” they told Equifax in a letter.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.