Lawmakers widen Equifax probe to other credit bureaus

WASHINGTON — Rep. Carolyn Maloney, D-N.Y., sent a letter to the top executives at TransUnion and Experian on Wednesday asking them what steps they are taking to safeguard consumer data in light of the Equifax breach.

The letter cites press reports that the hackers who exploited Equifax and stole the personal information on 143 million people found a flaw in a open-source server software called Struts, which is also used by TransUnion.

In the letter, Maloney asks James Peck, CEO of TransUnion and Brian Cassin, CEO of Experian, if any data breaches have occurred at their respective companies.

“Are you aware of any evidence that hackers have compromised your company’s information security and stolen sensitive or personally identifiable information about consumers?” Maloney asks in the letter along with questions on whether the press reports are right and they use the same software as Equifax.

Rep. Carolyn Maloney, D-N.Y.
Carolyn Maloney, a Democrat from New York, speaks a joint Economic Committee hearing on financial regulatory overhaul in Washington, D.C., U.S., on Thursday, Nov. 19, 2009. Treasury Secretary Timothy Geithner said he expects U.S. economic growth will extend into next year and called on Congress to pass as soon as possible legislation intended to prevent another financial crisis. Photographer: Andrew Harrer/Bloomberg *** Local Caption *** Carolyn Maloney

Todd Cello, the chief financial officer of TransUnion, said Tuesday that his company had not been breached. At this point in time, we have no reason to believe that we’ve been subject to a similar type of breach,” he said.

Maloney’s letter comes as lawmakers have quickly turned from responding to the Equifax breach to taking a broader look at the industry.

Sen. Mark Warner, D-Va., co-founder of the bipartisan Senate Cybersecurity Caucus, sent a letter to Maureen Ohlhausen, acting chair of the Federal Trade Commission, requesting a deeper dive into Equifax’s cybersecurity and data protection and also questioned how data should be used and shared.

“Should Congress limit the ability of credit reporting agencies to sell data outside specific contexts, such as credit, banking and employment inquiries?” Warner asked.

For reprint and licensing requests for this article, click here.
Cyber attacks Cyber security Credit scores Transunion Experian Equifax
MORE FROM AMERICAN BANKER