Equifax said Friday that two executives entrusted with watching over its computers are retiring, their departures coming after its maligned handling of a major hack at the credit reporting agency.
The Equifax chief information officer and head of security will retire, effective immediately, as "part of the company's ongoing review of the cybersecurity incident" that resulted in personal data of 143 million US customers being stolen by hackers.
An as yet unspecified number of Canadian and British customers may have also been affected by the hack at Equifax, one of the three major credit bureaus that collect consumer financial data.
The breach is considered one of the worst-ever because of the nature of data collected: bank and social security numbers and personal information of value to hackers and others.
An internal investigation into the hack continues and the company is working with the FBI, according to Equifax.
Word that top executives responsible for defending Equifax computer systems are out came on the same day that the Canadian privacy commissioner announced an investigation into the massive theft of personal data from the US credit agency.
"The investigation is a priority for our office given the sensitivity of the personal information that Equifax holds," the office of the privacy commission of Canada said in a release.
A lawsuit by Canadian consumers whose data was stolen in the Equifax hack was launched this week, seeking class action status and damages of Can $550 billion ($450 billion US).
- Questions mount -
A senior US senator this week asked the Federal Trade Commission, one of the few bodies with oversight powers over loosely-regulated credit raters, to examine Equifax's security practices and its "widely-panned response" to consumers potentially impacted by the breach.
Senator Mark Warner, a member of the powerful Senate Banking Committee, accused the company of "exceptionally poor cybersecurity practices" that continued even after the hack became known.
He also said the company's woeful response to people whose data may have been lost -- including trying to charge them for protection -- was "alarming".
"The volume and sensitivity of the data potentially involved in this breach raises serious questions about whether firms like Equifax adequately protect the enormous amounts of sensitive data they gather and commercialize."
Equifax collects consumers' financial data in order to rate their credit-worthiness to banks, home sellers, auto sellers and others who depend on consumer credit in marketing.
The data the company admitted to losing on September 7 includes people's names, social security numbers, addresses, credit card numbers, and other financial details.
Such data is often used by criminals to steal people's identities for financial gain.
US officials are investigating the data hack but have not revealed if they know who was behind it, though foreign hackers are widely suspected.
The breach took place from mid-May through July 2017 via a website application vulnerability that US cyber security companies say they had identified in March.
Congress has expressed outrage at the hack and the company's management of it. Particular anger has been aimed at allegations that three Equifax officials sold their stock in the company before the hack was made public.
- Shares sold -
US Senator Elizabeth Warren on Friday fired off letters to credit reporting agencies Equifax, TransUnion and Experian as well as to several governmental agencies as part of "a new, broad investigation" into the breach and how it was handled, according to a release.
"Equifax has failed to provide the necessary information describing exactly how this happened, and exactly how your security systems failed," Warren said in a letter to the company.
"Equifax's initial efforts to provide customers information did nothing to clarify the situation and actually appeared to be efforts to hoodwink them into waiving important legal rights."
While not the largest breach -- Yahoo attacks leaked data on as many as one billion accounts -- the Equifax incident could be the most damaging because of the nature of data collected: bank and social security numbers and personal information of value to hackers and others.
The House Energy and Commerce Committee has scheduled an October 3 hearing with Equifax chief executive Richard Smith, who has openly apologized for the breach.
The Atlanta-based company disclosed the breach in a release that did not explain why it waited more than a month to warn those affected about a risk of identity theft.
Filings with the US Securities and Exchange Commission showed that three high-ranking Equifax executives sold shares worth almost $1.8 million in the days after the hack was discovered.
An Equifax spokesperson told AFP the executives "had no knowledge that an intrusion had occurred at the time they sold their shares."
GMT 22:53 2018 Thursday ,13 December
Indian Minister of Trade meets with UAE Ambassador, Chairman of Emaar PropertiesGMT 13:41 2018 Thursday ,06 December
Tyre maker Continental opens lab to extract rubber from dandelionsGMT 15:22 2018 Friday ,30 November
Paper industry around famous Chinese lake to be shut down by 2019GMT 11:13 2018 Sunday ,18 November
Electricx 2018 kicks off with participation of over 20 countriesGMT 14:17 2018 Thursday ,25 October
BP eyes entering several new Rosneft projectsGMT 12:08 2018 Saturday ,20 October
OPEC participants performed Vienna Agreement by 111%GMT 16:14 2018 Saturday ,06 October
Saudi Aramco IPO to go ahead by early 2021GMT 19:01 2018 Thursday ,04 October
LEAD S. Korean firms offer aid for quake-hit IndonesiaMaintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©
Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©
Send your comments
Your comment as a visitor