CFPB Director Richard Cordray said that Equifax and fellow credit-reporting agencies TransUnion and Experian will have to get used to a heightened level of scrutiny following the breach, in which the personal data of 143 million consumers – including Social Security numbers – was stolen by hackers. That heightened scrutiny will include embedded regulators to ensure that similar data breaches don’t happen again.
“If they’re going to restore public confidence in this marketplace, and if they’re going to create the kind of reforms necessary, they’re going to have to recognize the old days of just doing what they want, being subject to lawsuits now and then, are over,” Cordray told CNBC. “There has to be a scheme of preventive monitoring in place. They’re going to have to accept that, they’re going to welcome that. They’re going to have to be very forthcoming.”
Equifax is currently at the center of multiple investigations and has been hit with dozens of lawsuits over the breach. Its CEO, Richard Smith, announced his retirement this week – but may be collecting a golden parachute payout of up to $90 million, according to Fortune.
Cordray told CNBC that the Equifax hack was “far beyond” earlier high-profile data breaches at Target and Home Depot. He said a strong reaction was necessary.
“In the past they dealt with these problems on their own,” he said. “They did the best they could. … That’s not good enough.”
After Equifax’s massive data breach, credit-reporting agencies are going to have to get used to “a new regime,” the director of the Consumer Financial Protection Bureau said Wednesday.