Yesterday, the Senate Homeland Security and Governmental Affairs Committee’s Permanent Subcommittee on Investigations released its report on a probe into the 2017 Equifax hack stating that the company’s response was both “inadequate” and “hampered by [a] neglect of cybersecurity.” The report finds that the company’s shortcomings are both “long-standing” and “reflect a broader culture of complacency toward cybersecurity preparedness.”
Public Knowledge will host a briefing on privacy legislation February 5 from 2 - 3 p.m. at the Dirksen Senate Office Building. The briefing, “Privacy Protections in the Post-Equifax Era,” will outline privacy legislation expected for 2018 and review lessons learned from the 2017 Equifax data breach.
For nearly three months last summer, the sensitive personal data of more than 145 million American consumers was exposed to bad actors thanks to some “ham-fisted” behavior on the part of credit reporting giant, Equifax. Americans were outraged, and lawmakers began to scrutinize Equifax’s behavior during the breach, including three Equifax senior executives selling shares worth almost $1.8 million in the days after the company discovered the hack.
Today, Senators Mark R. Warner (D-VA) and Elizabeth Warren (D-MA) introduced the Data Breach Prevention and Compensation Act to hold credit reporting agencies like Equifax accountable for data breaches that jeopardize consumer data.
Today, Senator Patrick Leahy (D-VT) introduced the Consumer Privacy Protection Act of 2017. The bill would place requirements on companies with sensitive consumer information, such as Equifax, to maintain safeguards to ensure the privacy and security of such data, and to notify consumers when that sensitive data is breached. Public Knowledge applauds Senator Leahy and the bill’s co-sponsors, including Senators Markey, Blumenthal, Wyden, Franken, Baldwin, and Harris for prioritizing consumer privacy in the wake of the Equifax security breach.