The U.S. Senate Permanent Subcommittee on Investigations concluded, much like an earlier the Government Accountability Office report, that Equifax failed to follow its own cybersecurity policies, including those spelling out how and when to patch critical software vulnerabilities. Equifax has hired a new CIO and CISO and plans to spend $1.25 billion on security between 2018 and 2020, the spokesperson added. The report also notes that due to missing documents and internal chat logs, a full understanding of what happened could not be achieved.”]
Source: https://www.cuinfosecurity.com/congressional-report-rips-equifax-for-weak-security-a-12355