FYI.

This story is over 5 years old.

News

Equifax's ex CEO got crushed by Congress, but it won't matter

Former Equifax CEO Richard Smith got accused of leaving the company “with a golden parachute.”

Congressional lawmakers just tore into the former CEO of Equifax about the data breach at his company that put the nearly half of the U.S. population’s personal information at risk.

Richard Smith retired after Equifax’s hacking became public in September, but he testified before the House Energy and Commerce Committee on Monday. Later in the week, he’ll make a stop with the Senate Banking Committee on Wednesday and then back to the House for another hearing on Thursday.

Advertisement

So far, Congress hasn’t held back. But despite the grilling, Equifax shares were trading up Monday — and the IRS awarded a multi-million fraud prevention contract to the company just last week.

We listed some of the hardest jabs Congress took at Smith below.

Smith got accused of leaving Equifax “with a golden parachute.”

Despite leaving Equifax over public outcry, Smith’s various stock options and bonuses could still add up to a $90 million payday.

“I worry that your job today is about damage control: to put a happy face on your firm’s disgraceful actions and then depart with a golden parachute,” New Mexico Democrat Rep. Ben Ray Lujan said before Smith even began his testimony. “Unfortunately, if fraudsters destroy my constituents’ savings and financial futures, there’s no golden parachute awaiting them.”

The hack was described as “guards at Fort Knox forgetting to lock the doors.”

During his testimony, Smith described a combination of technological and human error. Although Equifax has spent roughly $250 million on cybersecurity in the last three years, the company’s employees failed to patch a known vulnerability in their systems this March. Then, a security program failed to notice the hole, which left an opening for hackers to compromise up to 145.5 million customers’ data between May and July..

Oregon Republican Rep. Greg Walden, the committee’s chairman, wasn’t pleased.

“It’s like the guards at Fort Knox forgot to lock the doors and failed to notice the thieves were emptying the vaults,” he said. “The American people deserve to know what went wrong.”

Advertisement

Smith took a hit for knowing about “suspicious activity”

The hearing examined how three Equifax executives sold nearly $2 million in stock on August 1 and 2. At that point, the company knew about “suspicious activity” in its systems, according to Smith, but cyber investigators didn’t finish examining the nature and extent of the problem until the middle of August.

Still, Smith said the legal official who approved the trades did know about the “suspicious activity” at the time.

Illinois Democrat Rep. Jan Schakowsky — who spent minutes grilling Smith about the timing of the sales, sometimes even cutting him off before he finished answering — didn’t buy the defense.

“What the heck does suspicious mean? It could be a breach,” she said.

“Sorry” wasn’t good enough.

Texas Republican Rep. Joe Barton insisted that as Congress continues overseeing the financial industry, he wants a law that fines credit reporting agencies for each customer whose info gets compromised in hacks.

“You’re really just required to notify everybody and say, so sorry, so sad,” Barton said. “It seems to me you might pay a little more attention to security if Equifax were required to pay every consumer who was affected several thousand dollars.”

Cover image: Former chairman and CEO of Equifax Richard F. Smith, scratches his head as he testifies before Congress on Capitol Hill in Washington, Tuesday, Oct. 3, 2017. (AP Photo/Carolyn Kaster)