equifax dataWASHINGTON – Today U.S. Senator Bob Menendez (D-N.J), senior member of the Senate Banking Committee, joined a group of 31 senators in demanding answers on reports that the Consumer Financial Protection Bureau (CFPB) has halted its investigation into how Equifax failed to protect the personal data of over 145 million Americans.


“We are deeply troubled by recent news reports that, under Director Mulvaney’s leadership, the CFPB has stopped its investigation into the Equifax breach,” the senators wrote. “The CFPB is currently the only federal agency with supervisory authority over the largest consumer reporting agencies. Consumer reporting agencies and the data they collect play a central role in consumers’ access to credit and the fair and competitive pricing of that credit. Therefore, the CFPB has a clear duty to supervise consumer reporting agencies, investigate how this breach has or will harm consumers, and bring enforcement actions as necessary.”

According to reports, CFPB has not issued any subpoenas, sought testimony from key executives at Equifax or proceeded with on-site examinations.

The Equifax breach exposed data that included customers’ names, Social Security numbers, birthdates, addresses, driver’s license numbers, and, for some consumers, credit card numbers. This data could easily be used by criminals to steal people’s identity or commit fraud. The impact on consumers whose data has been stolen is potentially devastating. As a result of identity theft and fraud, customers face the risk of having debt accrued in their name. They could suffer long-lasting damage to their credit, which could lead to them being denied loans, mortgages, employment, or even rental housing. To resolve the damage done by this data breach, they will likely spend months, if not years, trying to correct resulting errors and problems with their financial records.

In December, Sen. Menendez and U.S. Representative Albio Sires (N.J.-08) introduced two critical pieces of legislation in both houses of Congress that would strengthen protections for consumers’ personal data and establish reasonable accountability measures for businesses and consumer reporting agencies that fail to safeguard consumers’ personal information. The Consumer Data Protection Act, a comprehensive plan Sen. Menendez first announced in September, would strengthen protections for consumers impacted by data breaches of consumer reporting agencies (“CRAs”).  The legislation holds CRAs accountable for such data breaches and incentivizes better data security practices while at the same time providing impacted consumers with tools to protect themselves.  

Joining Senator Menendez on the letter to Office of Management and Budget Director Mick Mulvaney and CFPB Acting Director Leandra English are U.S. Senators Brian Schatz (D-Hawaii), Elizabeth Warren (D-Mass.), Sherrod Brown (D-Ohio), Jeanne Shaheen (D-N.H.), Jon Tester (D-Mont.), Chris Van Hollen (D-Md.), Tom Udall (D-N.M.), Heidi Heitkamp (D-N.D.), Tammy Duckworth (D-Ill.), Catherine Cortez Masto (D-Nev.), Jeff Merkley (D-Ore.), Jack Reed (D-R.I.), Ed Markey (D-Mass.), Joe Donnelly (D-Ind.), Tina Smith (Minn.), Tammy Baldwin (D-Wis.), Kirsten Gillibrand (D-N.Y.), Gary Peters (D-Mich.), Patty Murray (Wash.), Bernie Sanders (I-Vt.), Richard Blumenthal (D-Conn.), Angus King (I-Maine), Ron Wyden (D-Ore.), Maggie Hassan (D-N.H.), Dianne Feinstein (D-Calif.), Mark Warner (D-Va.), Amy Klobuchar (D-Minn.), Debbie Stabenow (D-Mich.), Dick Durbin (D-Ill.), Chris Murphy (D-Conn.), and Doug Jones (D-Ala.).