Sept. 12 (UPI) -- Members of Congress demanded a detailed accounting of Equifax Inc. after the credit-reporting agency announced a hack of up to 143 million accounts.
A letter from leaders of the Senate Committee on Finance on Monday demanded answers to 13 questions regarding the scope of the breach, an itemization of what data was exposed and whether Equifax has systems in place to detect and stop intrusions.
The Atlanta-based company announced Thursday that a hack, six weeks earlier, may have leaked the personal information of 143 million Americans. Three senior executives of the company sold shares worth nearly $1.8 million between the day the breach was discovered and its disclosure to the public. The price of Equifax stock has fallen 20 percent since Thursday.
"The scope and scale of this breach appears to make it one of the largest on record, and the sensitivity of the information compromised may make it the most costly to taxpayers and consumers," said the letter, signed by Sen. Orrin Hatch, R-Utah, the finance committee chairman, and Sen. Ron Wyden, D-Ore., its ranking Democrat.
The letter noted that Equifax is a "critical partner" with the federal government in the administration of government agencies like the Internal Revenue Service, and those involved in transfer payments, including Social Security, Medicare and Medicaid.
Equifax has offered little comment on the matter since it announced that "core consumer or commercial credit-reporting databases" were not affected by the hack, but access to Social security numbers, home addresses, birth dates, credit card numbers and driver's license numbers -- information that criminals can use -- was vulnerable.
The letter from Hatch and Wyden demands that Equifax explains its procedures for system security. One part of the letter asks Equifax to "provide the committee a detailed timeline of the breach, including when it began, its discovery, the investigation of its scope and source, notification of authorities, efforts to notify customers and consumers, notification to the Equifax board of directors, and notification of Equifax senior executives -- including, but not limited to, John Gamble Jr., Rodolfo Ploder, and Joseph Loughran."
The latter part is a reference to the three executives who sold shares in the company after the breach was discovered. Gamble is Equifax' chief financial officer, Loughran is president of its U.S. information systems and Ploder is president of its workforce solutions.