EQUIFAX CEO Richard Smith has been formally called to give evidence before a Congressional committee next month, following the recent hack on the firm which saw some 143 million records disclosed.
Smith will testify before members of the subcommittee focused on digital commerce and consumer protection to explain the breach that has left half of American households wide open to identity theft.
Not only that, Congress will also want to know why the company only offered a year of 'free credit monitoring' to people affected and, in the small print, obliged them to waive away their legal rights to sue the company if they accepted the paltry offer.
The spilt data included not only names and addresses but also the all-important Social Security numbers that the US government uses to identify individuals.
"We look forward to hearing directly from Mr. Smith on this unprecedented breach that has raised serious questions about the security of consumers' personal information," said representatives Greg Walden and Bob Latta in a joint statement, chairman of the House Energy and Commerce Committee and chairman of the subcommittee focused on digital commerce and consumer protection respectively.
"We know members on both sides of the aisle appreciate Mr. Smith's willingness to come before the committee and explain how our constituents might be impacted and what steps are being taken to rectify this situation."
It won't be the only congressional committee that Smith will be required to testify to. The House Financial Services Committee is also planning to hold a hearing on the Equifax data breach, while the US Federal Trade Commission (FTC) has also announced that it is investigating.
At the same time, the company has been peppered with demands from representatives and senators to explain itself and the circumstances behind the breach.
Equifax this week confirmed that an unpatched flaw in the Apache Struts Web Framework was to blame for the breach, which is believed to have started in mid-May and only discovered at the end of July. Furthermore, the company only publicly disclosed the breach last week.
That disclosure has raised questions over lackadaisical IT and security practices at the company, which holds vast databases of sensitive personal information.
Senate Democratic leader Chuck Schumer even compared Equifax to Enron, the multi-billion dollar energy trading company which blew up in 2001 amid allegations of accounting fraud.
"It's one of the most egregious examples of corporate malfeasances since Enron," said Schumer, adding that Equifax's treatment of consumers was "disgusting" while describing the company's incompetence in protecting people's data as "deeply troubling". µ
But don't expect laptop prices
Vulnerability targets hardware created by Infineon Technologies
Expect something commercial in 2019
Ex-employees say bugs were stolen and used in future attacks