Today, at a Minority Day Hearing to examine the massive data breach that occurred at Equifax, and to consider and discuss ideas for ensuring the integrity of our country’s consumer reporting system and safeguarding consumer data, Congresswoman Maxine Waters (D-CA), Ranking Member of the Committee on Financial Services, gave the following opening statement:
As Prepared for Delivery
Thank you to all of the witnesses who are here today.
To better understand the causes and impact of the massive data breach at Equifax, and examine all the issues with our broken credit reporting system, Committee Democrats requested this Minority Day hearing and invited the Chief Executive Officers of Equifax, Experian, and TransUnion—which are the three nationwide consumer reporting agencies in this country—as well as a group of senior staff from state government, experts, and consumer advocates, to testify here today. Unfortunately, the CEOs of each of the three major credit bureaus have refused to attend this hearing. It is particularly troubling that, since the massive breach, Equifax has yet to send an executive to testify before Congress who actually has the legal authority to commit the company to future action.
Equifax has badly mishandled virtually every aspect of this breach. They failed to update a known software vulnerability for several weeks; they failed to properly notify law enforcement agencies, as required by many state data breach laws and regulations and, even in announcing to the public about the breach, failed to provide consumers with the tools they needed to safeguard against identity theft and other harm that could be caused by the unauthorized exposure of their sensitive financial and personally identifiable information for free. But Equifax isn’t the only major credit bureau to have faced a major cyberattack. About two years ago, Experian— one of the other major bureaus— also had a breach that exposed millions of T-Mobile customers’ information. Yet, the head of Experian also declined to come to testify today.
These security breaches at the major credit bureaus are just one of many problems within the credit reporting industry. That’s why I have long called for a complete overhaul of the entire credit reporting system and recently reintroduced H.R. 3755, the “Comprehensive Consumer Credit Reporting Reform Act.” My bill shifts the burden of removing mistakes from credit reports onto the credit bureaus and furnishers, and away from consumers, limits credit checks for employment purposes, and reduces the time period that negative items stay on credit reports, among many other key reforms. It’s clearly time for us to fix the vast problems within the credit reporting sector.
There is enormous concern and frustration from consumers across the country about the lack of control that they have over how these companies collect, maintain, and sell consumer data. It is time for us to ensure there are adequate measures to hold these firms accountable for their business practices. And, I find it unacceptable that the three major credit bureaus have still failed to take even the most basic step to protect consumers, after this latest massive breach, by immediately providing all consumers with free credit freezes.
If executives at the three nationwide consumer reporting agencies are watching this hearing today, I want them to know that the days of their companies being able to operate with impunity are now over.