Security Icon Microsoft

Richard F. Smith, former CEO and chairman of Equifax, apologized for the company’s failure to protect 140 million American’s data. Noting human error and technology failures, he said victims aren’t ‘just numbers’ but families, friends, and neighbors.

The response follows Smith’s retirement, with which he will collect up to $90 million over a period of three years. The statement was part of a congressional testimony where Smith said the following:

To each and every person affected by this breach, I am deeply sorry that this occurred. Whether your personal identifying information was compromised, or you have had to deal with the uncertainty of determining whether or not your personal data may have been compromised, I sincerely apologize,” Smith said. “The company failed to prevent sensitive information from falling into the hands of wrongdoers.”

He added that “The criminal hack happened on my watch and as CEO I’m ultimately responsible and I take full responsibility.”

Attackers Still Not Clear

However, Smith holds that Equifax is still unaware who is responsible for the hack. He said simply, “we’ve engaged with the FBI. That’s all I’ll say.”

When faced with similar questions by New Jersey Republican Leonard Lance, he noted he has “no opinion” on who is behind the attack. He did then concede that it’s possible criminals outside of the U.S. were involved.

It also appears that both the FTC and CFTB were in the dark about the hack. Rep. Schakowsky said the regulators weren’t aware until the company’s announcement on September 8, and is pushing for greater regulation of credit companies.

Despite Smith’s apologies, she says, “American consumers don’t just need answers. They need actions.”