Senate Investigation Shows Equifax Knew about Security Risks for Years

Senate Investigation Shows Equifax Knew about Security Risks for Years

March 7, 2019         Written By John H. Oldshue

The Senate conducted a thorough investigation into the Equifax data breach that affected 145 million people. According to the report, “Equifax was aware of cybersecurity weaknesses for years” before the breach occurred in 2017.

In October 2015, Equifax conducted an audit of their patch management processes to assess cybersecurity vulnerabilities. Prior to that, the former CSO of Equifax says the had “no official corporate policy” for patching vulnerabilities on company systems, nor were there defined responsibilities for who was to govern over these matters.

The Senate found that as of August 2015, Equifax had a backlog of over 1,000 critical/high vulnerabilities on external systems and 7,500 critical/high vulnerabilities on internal systems. Nearly all of the internal issues (93%) were over 90 days old.

This data aligns with a similar report from the Committee on Oversight and Government Reform. After a 14-month investigation, the committee found the breach was “entirely preventable,” with over 300 expired security certificates and an overall “antiquated” IT system.

In a hearing the Homeland Security and Governmental Affairs Subcommittee held today, the CEO of Equifax, Mark Begor, discussed improvements the credit bureau has made since the breach. He said the company now has “multi-layers of defense,” including automated systems to address patches when they arise.

The information contained within this article was accurate as of March 7, 2019. For up-to-date information on any of the terms, cards or offers mentioned above, visit the issuer's website. Many of the offers on this article are from our affiliate partners, and may be compensated if you take action with any of our affiliate partners.


About John H. Oldshue

John Oldshue is the creator of He worked for over 15 years in television and won an Emmy award for his reporting. He covers credit card rate issues for
View all posts by John H. Oldshue
Featured No Annual Fee Card
Top Features : Earn cash back twice. 1% when you buy plus 1% as you pay; 0% APR for 18 months on balance transfers
Featured Low Interest Card
Top Features : No annual fee; $150 statement credit after spending $1,200 in first 90 days; 0% on Purchases for 12 months and Balance Transfers for 18 months
Featured Balance Transfer Card
Top Features : 0% APR for 21 months on Balance Transfers and 12 months on Purchases; no annual fee, late fee or penalty rate
Featured Bad Credit Card
Top Features : Reports to all three credit bureaus, perfect credit not required for approval
Featured Fair Credit Card
Top Features : All credit types welcome to apply!