Smith chose to talk during a livestream for the Digital Commerce and Consumer Protection subcommittee of the House Energy and Commerce committee. "This is unlike other breaches at stores such as Target and Michaels, where consumers could make a choice and change their shopping habits if they were upset with how the companies protected data".
Former Equifax CEO Richard Smith apologized for the compromise of such information as names, addresses, birth dates and Social Security numbers. At least one state, Massachusetts, and the cities of San Francisco and Chicago have sued Equifax as well.
In regards to the three company executives that sold almost $2 million worth of stock on Aug.1 and August 2, just days after the company discovered there had been some sort of "suspicious activity", Smith said, to the best of his knowledge, these executives were unaware of the cyber intrusion. The site not only proved unhelpful and confusing, it then directed many to sign up for Equifax's credit monitoring product TrustID.
Richard Smith, the former CEO of Equifax, testified Tuesday morning before the House Energy and Commerce Committee about the credit reporting firm's massive security breach.
Smith stepped down as CEO three weeks after the breach was announced to the public.
Under-fire credit agency Equifax has been awarded a $7.3m government contract to help protect taxpayers from identity fraud, despite having itself breached the details of over 145 million Americans, it has emerged.
On a website for affected US consumers, Equifax explains that the complex and time-consuming investigation is behind the delay between its discovery of the breach and disclosing it. "We're here today to do what Equifax failed to do, and that's put consumers first".
Smith's 12-year tenure at Equifax came to a stunning end last week when he abruptly retired, replaced in the interim by Paulino do Rego Barros Jr., an executive from the company's Asia Pacific division.
Lawmakers from both parties said it's time to enact tougher rules for data security.
That activity was eventually identified on 31 July, but the scale of the breach and whether any information had been stolen was not immediately clear at that time, he said.
The company is dealing a breach of its systems by hackers who accessed or stole the information of 145 million Americans.
Smith continued, "The people affected by this are not numbers in a database". Smith said that fix was not applied quickly enough. "As this important phase of our work is now completed, we continue to take numerous steps to review and enhance our cybersecurity practices", said Barros.
An Equifax employee failed to alert the company that it needed to apply a patch to the vulnerable system. Despite learning of the breach in late July, the company waited more than 40 days to notify the public, a fact that incensed several of the lawmakers.
"A constituent pointed out to me it would be wrong to call the victims of this breach Equifax customers, and he asks why he's been impacted in this manner", Congressman Paul Tonko, R-NY, said.