Sen. Elizabeth Warren (D-Mass.) will question the former head of Equifax Wednesday—and if her recent statements about the Equifax hack are any indication, she’ll probably mop the floor with him.
Richard Smith, the former CEO of Equifax, is set to testify before the Senate Banking Committee. Smith resigned last week as a result of this summer’s massive cyber breach at the credit reporting agency that exposed the private information—including credit card and Social Security numbers—of more than 143 million Americans. In advance of the hearing, Warren’s office sent Smith a list of 37 questions that she wants answered either in the hearing tomorrow, or in writing by October 16.
“Despite the fact that Equifax has now known of this breach for over nine weeks, and has put out two public statements on the breach, the company has not provided a full and complete accounting of the extent of the breach,” Warren wrote, calling the hack and Equifax’s response to it a “betrayal of customer trust and corporate responsibility.”
This is just the latest move in Warren’s pursuit of answers from Equifax about the massive hack and the company’s sluggish response. Though Equifax learned of the breach on July 29, 2017, the company didn’t announce it publicly until September 7, 40 days later. A week later, Warren launched an investigation into the breach, sending letters to the three largest credit reporting agencies with detailed questions about their plans to shore up protections in order to avoid future problems. In her initial letter to Equifax, Warren criticized the agency’s lack of transparency about the hack, its slow response, and its insufficient—even predatory—efforts to protect affected customers in the aftermath. Warren’s letter noted that the credit reporting agency’s initial effort to enroll customers in free credit monitoring required enrollees to sign away their right to sue Equifax.
At the same time, Sen. Warren also proposed legislation, The Freedom from Equifax Exploitation (FREE) Act, which would require credit reporting agencies to offer customers free options to impose or lift a “credit freeze” that halts the sharing and selling of personal credit information to third parties. Credit freezes—which have been widely recommended in the wake of the Equifax breach as a way to prevent identity theft—typically cost between $3 and $10, and fees are also charged anytime a customer wants to lift or reinstate a freeze. Thanks to these fees, Equifax could effectively end up making money off the security breach by charging customers to freeze or unfreeze their credit.
Four days later, Warren excoriated Equifax in a Senate floor speech. “[It’s b]ad enough that Equifax was so sloppy that they let hackers into their system, but the company’s response has been even worse,” she said.
Three days later, Warren expanded her investigation into Equifax, sending letters to the Securities and Exchange Commission, Equifax’s board of directors, and the Department of Homeland Security requesting additional information. Last week, Warren wrote a harsh op-ed criticizing Equifax for Fortune.
When it comes to Wall Street financiers, Warren has developed a reputation for no-holds-barred questioning: Last year she eviscerated the CEO of Wells Fargo after news broke of employees creating millions of unauthorized bank accounts for customers. During confirmation hearings this winter for Trump’s slew of ex-Wall Street cabinet nominees—Steve Mnuchin, Wilbur Ross, and more—Warren gave several speeches opposing their nominations.