Two lawmakers urge CFPB, FTC to keep pressure on Equifax

WASHINGTON — Two Democratic lawmakers are calling for an update on regulators' progress investigating Equifax a year after a massive data breach at the credit reporting giant came to light.

Sen. Elizabeth Warren, D-Mass., and Rep. Elijah Cummings, D-Md., have sent a letter to the Consumer Financial Protection Bureau and the Federal Trade Commission urging them to hold credit reporting agencies accountable. Equifax disclosed the breach that ultimately affected 148 million consumers, in September 2017.

“Companies like Equifax do not ask the American people before they collect their most sensitive information. ... This is why effective oversight of these companies by your agencies is vital and why the American people deserve an update on your investigations,” the lawmakers said in the letter, which was addressed to FTC Chairman Joseph Simons and acting CFPB Director Mick Mulvaney.

Elizabeth Warren
Senator Elizabeth Warren, a Democrat from Massachusetts, speaks during an event at the National Press Club in Washington, D.C., U.S., on Tuesday, Aug. 21, 2018. Declaring that big money has created a culture of corruption that colors virtually every important decision in Washington, Warren proposed a sweeping package of restrictions that would create a sea-change in the way the nation's capital operates. Photographer: Joshua Roberts/Bloomberg
Joshua Roberts/Bloomberg

Warren and Cummings pointed to a Government Accountability Office report, which they say confirms data security failures on the part of Equifax.

The GAO report found that Equifax determined several factors had facilitated hackers' ability to gain access to its network and extract information from databases containing personally identifiable information. Those factors included identification, detection, segmentation and data governance.

“This report confirmed the findings of Sen. Warren's investigation which also revealed that Equifax had advance notice of its vulnerabilities and still failed to take steps to protect the personal information of millions of Americans,” Warren and Cummings wrote.

Specifically, Warren and Cummings asked if the investigations into Equifax are still ongoing and whether the agencies have issued civil investigative demands, interviewed Equifax personnel or examined Equifax’s facilities on-site.

They also asked if the agencies have conducted cybersecurity examinations of the other two major credit bureaus, Experian and TransUnion.

In April, Warren and several other Senate Democrats questioned Mulvaney on the CFPB’s investigations into Equifax in the wake of reports that the agency was stalling its inquiry and cutting back on its supervision of large consumer reporting agencies.

For reprint and licensing requests for this article, click here.
Data breaches Data security Credit reporting Elizabeth Warren Mick Mulvaney Equifax CFPB News & Analysis FTC
MORE FROM AMERICAN BANKER