Senate panel accuses Equifax of neglecting cybersecurity

An institutional neglect toward cybersecurity contributed to the massive 2017 data breach at Equifax that compromised sensitive information for more than 145 million Americans, a Senate panel alleged in a new report.

The Senate Homeland Security and Governmental Affairs Committee’s Permanent Subcommittee on Investigations on Wednesday night released its conclusions from a probe into the incident and said Equifax failed to take basic steps to protect its security system from vulnerabilities.

“Based on this investigation, the Subcommittee concludes that Equifax’s response to the March 2017 cybersecurity vulnerability that facilitated the breach was inadequate and hampered by Equifax’s neglect of cybersecurity,” the panel wrote in its report. “Equifax’s shortcomings are long-standing and reflect a broader culture of complacency toward cybersecurity preparedness.”

The report was released the night before Equifax CEO Mark Begor, who joined the company after the data breach, testified before the subcommittee.

On Thursday, he apologized to the panel for the incident but took issue with the report’s findings.

“The fact that Equifax suffered a data breach does not mean the company did not have a data security program or failed to take cybersecurity seriously,” Begor said.