The House Energy and Commerce Committee has sent Equifax a long list of questions related to the breach that compromised more than 100 million people’s personal information.
The letter, dated Friday, contains seven pages of document requests and questions as part of the panel’s investigation, nearly a full page of which is devoted to documents.
“Our intention is to continue to get answers for the 145.5 million Americans who have had their personal information compromised,” reads the letter.
{mosads}The letter asks that Equifax provide all of the communications between former Chief Executive Officer Richard Smith, former Chief Security Officer Susan Mauldin and former Chief Information Officer David Webb concerning the security flaw leading into the breach and all communications to and from the chief legal officer, John Kelley, on the issue.
The letter also asks for the technical reports from Mandiant, the firm hired to investigate and remediate the breach.
The committee is also seeking answers on 34 bullet-pointed issues, including web design allowing victims’ personal information to be stolen through the public-facing site, warnings in advance that security problems existed, encryption policies and the controversial sale of stocks by executives in the days between the company learning of the breach and publicly announcing it.
The committee held a hearing on Equifax’s historic breach in October that featured the testimony of Smith. But the committee says the former executive’s vantage point was insufficient.
“Because Mr. Smith can no longer speak for Equifax’s plans going forward and due to subsequent revelations that have come to our attention, we have additional questions about the data breach, the post-breach response, and consumer protection remediation offered by Equifax,” reads the letter.