IRS: New Equifax contract a stopgap as we switch vendors

Richard Smith testified to congress on Tuesday in the US

On Tuesday, Richard Smith, the former CEO of Equifax, testified before before the House Energy and Commerce Committee about the breach.

The colossal data breach also led to several top-level resignations at the renowned consumer credit reporting agency, which includes the chief security officer, the chief information officer, and the chief executive officer.

Equifax had disclosed on September 7, along with the hacking incident, that three of its top executives, including its chief financial officer, had sold $1.8 million worth of company stock. Only suspicious traffic in and out of its system on July 29th tipped the company off to the breach. Equifax is now offering free credit monitoring and credit freezes.

Recently-and-forcibly-retired Equifax CEO Rick Smith has laid the blame for his credit-check biz's IT security breach on a single member of the company's security team.

Despite the major breach, Equifax received a no-bid contract from the Internal Revenue Service (IRS) for fraud protection on October 4, that's worth about $7.25 million.

An external cybersecurity firm's forensic investigation into the Equifax breach has concluded, and the number of individuals affected by the hack attack has gone up. Equifax says that it will be mailing written notices to all of these consumers. One Oklahoma representative castigated Smith, saying the company "took a long, time to stand up" and warn the public of the breach.

King & Spalding partner Phyllis Sumner confirmed she is representing Equifax on Equifax data security matters. A spokeswoman for LifeLock said Wednesday the company monitors information from all three major credit bureaus, as well as identity theft information from third-party data sources, and LifeLock's proprietary ID Analytics network.

"As CEO I was ultimately responsible for what happened on my watch".

"That is my understanding, sir", Smith said.

Smith said the breach was the result of both "human error and technology errors", admitting the company failed to apply critical software patches in March.

"Based on the investigation to date, it appears that the first date the attacker (s) accessed sensitive information may have been on May 13, 2017", Smith said. Senate Finance Chairman Orrin Hatch told reporters that "it's irresponsible for the IRS to turn over millions in taxpayer dollars to a company that has yet to offer a succinct answer on how at least 145 million Americans had personally identifiable information exposed".

"I look forward to being part of that dialog", he said early in the hearing, which followed Tuesday's appearance before House lawmakers.

The IRS has suffered its own embarrassing breaches, with the agency announcing on 6 April that the personal data of up to 100,000 U.S. taxpayers could have been compromised.

"A constituent pointed out to me it would be wrong to call the victims of this breach Equifax customers, and he asks why he's been impacted in this manner", Congressman Paul Tonko, R-NY, said.

Related News: