Senate Dems' bill would penalize credit reporting agencies for breaches

Senate Dems' bill would penalize credit reporting agencies for breaches
© Getty Images

Sens. Elizabeth WarrenElizabeth Ann WarrenWarren battles Carson: Housing discrimination 'the scandal that should get you fired' Overnight Regulation: Omnibus includes deal on tip-pooling rule | Groups sue over rules for organic livestock | AT&T, DOJ make opening arguments in merger trial Warren presses Mulvaney, Azar on tip pooling MORE (D-Mass.) and Mark WarnerMark Robert WarnerTop Senate Dems demand report from Trump on UK nerve agent attack The Hill's 12:30 Report Overnight Tech: What we learned from Zuckerberg's media blitz | Opening arguments in AT&T-Time Warner trial | Trump plans new tariffs on China MORE (D-Va.) have introduced a bill aimed at penalizing credit reporting agencies for breaches following the Equifax data breach.

The Data Breach Prevention and Compensation Act would provide the Federal Trade Commission (FTC) with additional direct supervisory authority over data security at the agencies, as well as imposing penalties on the agencies and providing consumers with compensation as a means of preventing future breaches. 


"We are introducing a bill today to say that when a credit reporting agency lets your data be stolen, that there are substantial automatic penalties that go into place, and there's money that automatically goes back to the people whose data has been stolen," Warren told CNN's Alisyn Camerota on "New Day." 

Equifax announced in September hackers had taken advantage of a software flaw and were able to access the personal data of over 140 million customers. 

The personal data included Social Security numbers, phone numbers and addresses. 

The breach resulted in bipartisan outrage on Capitol Hill and the resignations of the company's chief information and security officers. 

"We had a hearing in [the Senate] Banking [Committee] and asked a lot of questions about it of the former CEO of Equifax, and you know what we found out? Equifax might make money off the breach," Warren said, citing the sales of credit protection products. 

The senator went on to say that if their law had been in place, Equifax would have been forced to pay a fine of over $1 billion. The bill also gives credit reporting agencies incentive to invest in security. 

"This approach says it's not about having a bunch of regulators come in and tell them how to design it, it's about saying there are real consequences if you do not provide adequate security for this data," Warren said.