Equifax, which is already facing inquiries from the Consumer Financial Protection Bureau, the House Financial Services Committee, the Senate Finance Committee, the office of New York Attorney General Eric Schneiderman, and a lawsuit from the state of Massachusetts over its massive data breach, now has another regulator breathing down its neck – the Federal Trade Commission.
Citing the extraordinary circumstances surrounding the Equifax data breach, which exposed the personal information of 143 million U.S. consumers to hackers, the FTC broke with normal protocol and confirmed Thursday morning that it is investigating the situation at Equifax.
“The FTC typically does not comment on ongoing investigations,” Peter Kaplan, the FTC’s acting director of public affairs, said in a statement. “However, in light of the intense public interest and the potential impact of this matter, I can confirm that FTC staff is investigating the Equifax data breach.”
The scope of the FTC investigation is unknown at this point, but the news of the FTC launching its own investigation comes on the heels of a sizable bipartisan group of Senators sending a letter to the Securities and Exchange Commission, the Department of Justice, and the FTC asking the agencies to investigate whether three Equifax executives engaged in insider trading in the wake of discovering the breach.
As Bloomberg reported last week, three of Equifax’s executives (the company’s chief financial officer, president of U.S. information solutions, and president of workforce solutions) sold some of their stock just a few days after the breach was initially discovered, but more than a month before Equifax told the public that its systems had been hacked.
While the company said that the executives were not aware of the breach when they sold their stock, more than a third of the members of the Senate want to know whether that’s actually true or not.
“We write to request that the Securities and Exchange Commission, the Department of Justice, and the Federal Trade Commission investigate disturbing reports that senior Equifax executives sold more than $1.5 million in Equifax securities within days of a cybersecurity breach that may have compromised the personal information, including Social Security numbers, of as many as 143 million Americans,” the senators write in the letter.
“As part of your investigations, we request that you conduct a thorough examination of any unusual trading, including any atypical options trading, for violations of insider trading law,” the letter continues. “To the extent that your investigations uncover any information regarding whether Equifax management employed reasonable measures to ensure the security of the now compromised data prior to this cyber breach, we would appreciate your sharing these details.”
The senators close by urging the agencies to fully pursue the insider trading inquiry.
“We request that you spare no effort in your investigations and in enforcing the law to the fullest extent against anyone who is found to be at fault,” the senators conclude.
The letter is signed by Sens. Jack Reed, D-Rhode Island; John Kennedy, R-Louisiana;
Tammy Baldwin, D-Wisconsin; Dean Heller, R-Nevada; Richard Blumenthal, D-Connecticut; Susan Collins, R-Maine; Cory Booker, D-New Jersey; Sherrod Brown, D-Ohio; Bob Casey, D-Pennsylvania; Catherine Cortez Masto, D-Nevada; Richard Donnelly, D-Indiana; Richard Durbin, D-Illinois; Dianne Feinstein, D-California; Al Franken, D-Minnesota; Kirsten Gillibrand, D-New York; Maggie Hassan, D-New Hampshire; Kamala Harris, D-California; Heidi Heitkamp, D-North Dakota; Angus King, I-Maine; Amy Klobuchar, D-Minnesota; Patrick Leahy, D-Vermont; Joe Manchin, D-West Virginia; Edward Markey, D-Massachusetts; Claire McCaskill, D-Missouri; Bob Menendez, D-New Jersey; Jeff Merkley, D-Oregon; Patty Murray, D-Washington; Bernie Sanders, I-Vermont; Brian Schatz, D-Hawaii; Jeanne Shaheen, D-New Hampshire; Jon Tester, D-Montana; Tom Udall, D-New Mexico; Chris Van Hollen, D-Maryland; Mark Warner, D-Virginia; Elizabeth Warren, D-Massachusetts; Sheldon Whitehouse, D-Rhode Island; and Ron Wyden, D-Oregon.
Additionally, the FTC is also warning consumers of a scam targeting potential victims of the Equifax data breach.
According to this post on the FTC blog, scammers are calling people and pretending to be Equifax in order to steal their personal information.
“Stop. Don’t tell them anything. They’re not from Equifax. It’s a scam. Equifax will not call you out of the blue,” the FTC warns consumers.
Additional tips on avoiding similar scams can be found on the FTC’s website.
In the mean time, the FTC’s investigation is ongoing.