As the kids say:
The Equifax data breach, which exposed the sensitive personal information of nearly 146 million Americans, happened because of a mistake by a single employee, the credit reporting company’s former chief executive told members of Congress on Tuesday.
Richard F. Smith, who stepped down last week, repeatedly apologized to the members of the House Energy and Commerce Committee — and the American people — for the security lapse.
But he also sought to play down the severity of the problems that had led to the breach, defended the company’s response to the crisis and deflected questions about how far Equifax would go to compensate consumers who were financially harmed.
Lawmakers also grilled Mr. Smith about the stock sales by three senior Equifax executives, who sold shares worth almost $1.8 million in the days after the breach was discovered, but before it was disclosed. The sales were approved by John J. Kelley III, Equifax’s chief legal officer, who knew at the time that the company’s technical department had detected suspicious activity on Equifax’s network.
The company at the center of the biggest breach of personal information just signed a contract with the federal government to provide, well, personal information.
The Internal Revenue Service signed a $7.25 million contract with Equifax last month. The no-bid contract, first reported by Politico, is for Equifax to provide the IRS with taxpayer and personal identity verification services. The contract stated that Equifax (EFX, +2.48%) was the only company capable of providing these services to the IRS, and it was deemed a “critical” service that couldn’t lapse.
The news of the contract came on the same day that lawmakers heard from the company’s former chairman and chief executive on how hackers were able to access the information of 145 million Americans, including Social Security numbers and dates of birth. The executive, Richard Smith, apologized to a House panel for the data breach.
Rep. Earl Blumenauer, D-Ore., said in a letter to IRS Commissioner John Koskinen that he initially thought his staff was sharing a copy of the Onion, a humor newspaper, until he realized the story about the contract was true.
The Internal Revenue Service rehired 213 employees who ducked taxes, falsified documents, were convicted of theft, or made unauthorized use of taxpayer data, an inspector general’s report says.
The Office of Treasury Inspector General for Tax Administration, which also first discovered the IRS’ targeting of conservative groups in 2013, examined the agency’s hiring from January 2015 through March 2016.
Republican leaders managed to derail impeachment of IRS Commissioner John Koskinen on Tuesday, forcing the debate back to a committee for more study, where it will die when Congress adjourns at the end of this year.
It was a quiet end to a saga that had bedeviled GOP leaders for more than a year, dating back to revelations that Mr. Koskinen misled a congressional investigation looking into the tea party-targeting scandal and former IRS senior executive Lois G. Lerner’s lost emails.
If someone can explain this, I’d like to hear it. Given the bone-deep incompetence that led to the Equifax data breach and the way the company handled it, I’m rather surprised they were even considered to be a competent vendor much less the winner of a major sole-source procurement. Competence aside, one would think the atmospherics alone would deter anyone with a pair of functioning neurons.
The larger question is why the IRS Commissioner still has a job. Koskinen has been threatened with a contempt of court citation for his sloth, indolence, and intransigence in a lawsuit brought by conservative groups who were targeted special scrutiny by the IRS and the House of Representatives has voted to censure him. If Tom Price can be fired for doing something legal by unwise, surely Koskinen can be fired for doing profoundly stupid and illegal things.