The security team at Equifax failed to patch a vulnerability in March after getting a warning about the flaw, opening up the credit agency to a breach affecting 143 million people, the former chief executive said Monday.
Former CEO Richard Smith, in a statement to a congressional committee released Monday, offered a timeline of the cyber attack which is believed to be the worst in terms of damaging information leaked — including social security numbers and other sensitive data.
Smith said in prepared remarks to a House panel that the company on March 9 disseminated an internal memo warning about a software flaw identified by the government’s Computer Emergency Response Team (CERT).