Republican and Democratic senators are gobsmacked that Equifax just received a government contract to help the IRS guard against fraud.
Just last month, the credit monitoring agency announced a massive security breach that may have exposed the sensitive personal information of as many as 145.5 million people.
“You realize to many Americans right now, that looks like we’re giving Lindsay Lohan the key to the minibar,” Senator John Kennedy, a Republican of Louisiana, said Wednesday to former Equifax CEO Richard Smith at a Senate Banking Committee hearing.
The $7.25 million deal was finalized last week and first reported on Tuesday. It was mentioned repeatedly by lawmakers at the hearing, which looked broadly at the breach, its effect on consumers and concerns about insider trading.
Equifax signed on to help the tax agency “verify taxpayer identity and to assist in ongoing identity verification and validations needs,” according to contract details posted online.
Sen. Ben Sasse, a Republican from Nebraska, said he planned to follow up with the IRS to ask them “why this contract should go forward.” He and Sen. Elizabeth Warren sent a letter Wednesday to IRS Commissioner John Koskinen asking why the agency had awarded the contract to Equifax and if the company had pledged to improve its cybersecurity requirements following the breach.
“I won’t ask for a show of hands in the room, but I don’t know who would want to say, ‘We should buy fraud protection from the people who were just hacked and dumped 145 million American records,'” he said at the hearing.
Sen. Heidi Heitkamp, a Democrat from North Dakota, told Smith that Equifax should consider backing away from the agreement.
“Tell the IRS, ‘It’s okay to migrate the contract someplace else, and say, ‘We’re getting our house in order. We understand that we have a ways to walk back our reputation,” she said.
The IRS and Equifax did not respond to requests for comment.
Smith is scheduled to make an additional appearance before the Senate Judiciary subcommittee on privacy Wednesday afternoon.
Despite Smith’s departure from Equifax, which was announced on Sept. 26, the company is still in hot water.
In addition to Congressional inquiries, Equifax faces a number of state and federal probes related to the hack. The company is currently under investigation by the Department of Justice, the FBI and the Federal Trade Commission.
Many states are pursuing their own investigations. Massachusetts decided to file a lawsuit last month.