Richard Smith, former Chairman and CEO, Equifax Inc., testifies during a House Energy and Commerce Committee hearing on Tuesday. Photo by Kevin Dietsch/UPI | License Photo
Oct. 3 (UPI) -- Former Equifax CEO Richard Smith apologized to the House Committee on Energy and Commerce on Tuesday for a massive data breach reported by the company this summer.
On Monday, the credit rating company updated the number of Americans potentially affected by the release of personal information by 3 million -- to 146 million people. Smith appeared before the committee a day later.
"As CEO I was ultimately responsible for what happened on my watch. Equifax was entrusted with Americans' private data and we let them down," he told the House panel in prepared remarks. "To each and every person affected by this breach, I am deeply sorry that this occurred. Whether your personal identifying information was compromised, or you have had to deal with the uncertainty of determining whether or not your personal data may have been compromised, I sincerely apologize."
His remarks were preceded by a disparaging comment from Rep. Ben Ray Lujan, D-N.M., who said Smith's appearance could be about "damage control, to put a happy face on your firm's disgraceful actions and then depart with a golden parachute."
Equifax and other credit rating companies were advised in March by the Department of Homeland Security's Computer Response Readiness Team that certain computer vulnerabilities required patching. Smith said that fix was not applied quickly enough.
The company said hackers found the weakness and exploited it to gain access to names, Social Security numbers and other sensitive personal information.
The breach went undetected until July. By August, Equifax was aware of the scale of the breach, Smith said.
During questioning, Rep. Joe Barton, R-Texas, suggested that credit reporting agencies should pay consumers if they are hacked.
"You're just required to notify everybody and say 'So sorry, so sad.' It would seem to me that you might pay a little more attention if you had to pay everybody whose account got hacked a couple of thousand bucks or something," Barton said.
Rep. Jan Schakowsky, D-Ill., suggested the industry requires more government regulation.
Equifax said it has taken a number of steps to ensure customer safety, including offering credit locks for life, at no charge.
Smith retired Sept. 26.