US senator says ‘Somebody needs to go to jail’ over Equifax breach

Member of the Senate Banking Committee calls for a criminal investigation into Equifax

Credit cards, a chain and an open padlock is seen in front of displayed Equifax logo in this illustration taken September 8, 2017. REUTERS/Dado Ruvic/Illutration

RALEIGH — N.C.’s Attorney General says that 4.4 million people in N.C. may have been affected by the massive data breach at Atlanta-based credit bureau Equifax.

“Data security must be a top priority. I am extremely concerned about the Equifax data breach that exposed nearly 5 million North Carolinians’ personal data. My office has contacted Equifax to demand answers about how it will protect people and prevent future security issues,” said Attorney General Josh Stein in a statement.

“That includes asking for information about Equifax’s plans to waive fees collected for consumers who request a security freeze, reimbursements for consumers who choose to request a security freeze from other credit reporting agencies, and a detailed description of the credit monitoring and report lock Equifax is offering to consumers.”

Equifax announced last week that it learned on July 29 that hackers had infiltrated its systems in mid-May, gaining access to a wide swath of personal information, in what cyber security experts believe is one of the largest data hacks ever disclosed.

Three days after Equifax discovered the breach, three top company executives, including Chief Financial Officer John Gamble and a president of a unit, sold Equifax shares or exercised options to dispose of stock worth about $1.8 million, regulatory filings show.

“If that happened, somebody needs to go to jail,” said Sen. Heidi Heitkamp (D-N.D.), who sits on the Senate Banking Committee, at a credit union industry conference in Washington, D.C.. “It’s a problem when people can act with impunity with no consequences. How is that not insider trading?”

“In N.C., it is free to initiate a security freeze if you do it online,” said Stein. “A security freeze, or credit freeze, stops ‘new account fraud’ so crooks can’t take out new lines of credit in your name no matter how much stolen private information they have about you.”

 Equifax’s Chief Executive Officer Richard Smith said in an opinion piece in USA Today on Tuesday that the company “will make changes.” Smith said the company first learned of the breach on July 29 but waited six weeks to make it public because “we thought the intrusion was limited.”

“We are devoting extraordinary resources to make sure this kind of incident doesn’t happen again. We will make changes and continue to strengthen our defenses against cyber crimes,” he said.

Visit www.ncdoj.gov for a guide on securing your credit and personal information.