WASHINGTON — Rep. Carolyn Maloney, D-N.Y., sent a letter to the top executives at TransUnion and Experian on Wednesday asking them what steps they are taking to safeguard consumer data in light of the Equifax breach.
The letter cites press reports that the hackers who exploited Equifax and stole the personal information on 143 million people found a flaw in a open-source server software called Struts, which is also used by TransUnion.
In the letter, Maloney asks James Peck, CEO of TransUnion and Brian Cassin, CEO of Experian, if any data breaches have occurred at their respective companies.
“Are you aware of any evidence that hackers have compromised your company’s information security and stolen sensitive or personally identifiable information about consumers?” Maloney asks in the letter along with questions on whether the press reports are right and they use the same software as Equifax.
Todd Cello, the chief financial officer of TransUnion, said Tuesday that his company had not been breached. At this point in time, we have no reason to believe that we’ve been subject to a similar type of breach,” he said.
Maloney’s letter comes as lawmakers have quickly turned from responding to the Equifax breach to taking a broader look at the industry.
Sen. Mark Warner, D-Va., co-founder of the bipartisan Senate Cybersecurity Caucus, sent a letter to Maureen Ohlhausen, acting chair of the Federal Trade Commission, requesting a deeper dive into Equifax’s cybersecurity and data protection and also questioned how data should be used and shared.
“Should Congress limit the ability of credit reporting agencies to sell data outside specific contexts, such as credit, banking and employment inquiries?” Warner asked.