WASHINGTON – Former Equifax Chief Executive Officer Richard Smith repeatedly apologized to a Senate committee Wednesday for the massive security breach that affected 145 million Americans and denied allegations that three Equifax executives engaged in insider trading.
The senators on the Committee on Banking, Housing, and Urban Affairs, however, weren’t buying the denials and apologies. Neither was the “Monopoly Man,” a protester imitating Rich Uncle Pennybags, the character in the board game, wearing a top hat, monocle and large, fake mustache. He sat in the audience behind Smith to protest the forced arbitration clause in one of the initial consumer offers following the Sept. 7 announcement of the breach that has since been removed.
“This criminal attack occurred on my watch and I take full responsibility,” Smith said. “Americans have a right to know how this happened and I am truly and deeply sorry.”
Equifax learned of the breach in late July. The breach, from mid-May through late July, exposed personal information of about 145 million Americans, including Social Security numbers, names and birth dates. Smith resigned as CEO last week.
Despite Smith’s frequent apologies, however, senators on the committee were not forgiving.
“A breach this big in this day and age when we have people who are so good at this stuff is absolutely unbelievable,” Sen. Jon Tester, D-Mont., said.
Smith attempted to assure the committee that Equifax was making efforts to assist those affected by the breach, including the abilities to monitor consumer credit files across the “big three” credit bureaus, lock their Equifax credit file, access to Equifax credit files, dark web scans for consumers’ social security numbers, and an insurance policy to cover out-of-pocket costs associated with identity theft. Senators, however, did not see how those efforts would help those whose data is compromised.
“We can applaud your five proactive efforts, but it doesn’t do a damn thing for the people who had their credit stolen,” Tester said.
Senators were also infuriated over the possibility that three Equifax executives engaged in insider trading.
“You had a hack, but you didn’t know the severity, that you found out about on the 29th of July,” Tester said. “On the same day you decide to tell the FBI, Aug. 2, three of your top executives sell?”
Smith denied that his executives – Chief Financial Officer John Gamble and senior executives Joseph Loughran and Rodolfo Ploder — were aware of the severity of the hack when they traded. He assured the committee that the three executives went through the proper procedure to sell their stocks, getting approval from Equifax’s general counsel.
“Those three men I’ve known for a long time,” Smith said. “They are honorable men who followed the protocol outlined by the organization.”
Sen. Tim Scott, R-S.C., said he doubted that the three executives had no idea of the severity of the breach.
“Your senior executives sold stocks for a profit of $650,000, compared to if they had sold on the day you announced the breach,” he said. “All those other folks that had your stock but didn’t sell before then bear the burden of a $6.4 billion dropping valuation.”
“You’re telling me, at the same time all the executive folks had no clue about the breach, they happened to be the luckiest investors in August?” Scott continued. “That was just pure luck?”
Sen. Elizabeth Warren, D-Mass. echoed this frustration. “The incentives in this industry are out of whack,” she said. “Senior executives like you should be held accountable.”
According to Securities and Exchange Commission filings, Gamble, Ploder and Loughran combined sold nearly $2 million worth of stocks on Aug. 2. The Justice Department has reportedly opened a criminal investigation on these three executives.