U.S. Markets closed

Congressman on Equifax: Can’t legislate against stupidity but can hold people accountable

Michelle Fox

If accounts on Equifax's website in Argentina used the generic username and password "admin," that is "just awful," the chair of the House Energy and Commerce Committee told CNBC on Thursday.

Researchers at Hold Security, a Milwaukee-based cybersecurity firm, found that after some guesswork,

they were able to uncover personal employee information

housed on Equifax's South American site. Their findings are not related to the Equifax breach in the United States.

"You can't stop stupidity. You can't legislate against it, but you can hold people accountable for it," Rep. Greg Walden, R-Ore., said in an interview with "

Power Lunch.

"

Equifax told CNBC in a statement that it acted immediately to remedy the situation in Argentina, "which affected a limited amount of public information strictly related to consumers who contacted our customer service center and the employees who managed those interactions."

Walden chairs the committee that is holding a hearing on the massive data breach in the U.S., which could impact up to 143 million Americans. Equifax

(NYSE: EFX)

CEO Richard Smith is

expected to testify

before the committee at an Oct. 3 hearing.

"I want to know all the answers here. I want to ask all the questions, then we'll get to what the actions are going forward," Walden said.When asked if it was a precursor to more regulation, he replied, "It may be."However, he noted, in past cybersecurity hearings almost every witness has cautioned about overregulating. They have said it is too dynamic of a threat to lock into a statute and doing so could tie their hands and misallocate capital, Walden said.While there are a lot of data breach issues to be addressed at the hearing, he said there are also the actions of some employees that need to be scrutinized.

Three

Equifax executives sold shares worth nearly $2 million

days after the breach was found, filings to the Securities and Exchange Commission showed.

"Company says they have no knowledge. Boy, the timing sure doesn't look good," Walden said.

The House investigation isn't the only probe into the data breach. The

Federal Trade Commission said Thursday it's investigating

what happened. And Senate Minority Leader

Chuck Schumer

also called for Equifax executives to agree to testify in the Senate.

Equifax shares have lost nearly a third of their value since Sept. 7, when the company reported the breach after market hours. The stock closed down more than 2 percent Thursday.— CNBC's Thomas Franck, Liz Moyer, Todd Haselton and Yen Nee Lee contributed to this report.

If accounts on Equifax's website in Argentina used the generic username and password "admin," that is "just awful," the chair of the House Energy and Commerce Committee told CNBC on Thursday.

Researchers at Hold Security, a Milwaukee-based cybersecurity firm, found that after some guesswork,

they were able to uncover personal employee information

housed on Equifax's South American site. Their findings are not related to the Equifax breach in the United States.

"You can't stop stupidity. You can't legislate against it, but you can hold people accountable for it," Rep. Greg Walden, R-Ore., said in an interview with "

Power Lunch.

"

Equifax told CNBC in a statement that it acted immediately to remedy the situation in Argentina, "which affected a limited amount of public information strictly related to consumers who contacted our customer service center and the employees who managed those interactions."

Walden chairs the committee that is holding a hearing on the massive data breach in the U.S., which could impact up to 143 million Americans. Equifax

(NYSE: EFX)

CEO Richard Smith is

expected to testify

before the committee at an Oct. 3 hearing.

"I want to know all the answers here. I want to ask all the questions, then we'll get to what the actions are going forward," Walden said.

When asked if it was a precursor to more regulation, he replied, "It may be."

However, he noted, in past cybersecurity hearings almost every witness has cautioned about overregulating. They have said it is too dynamic of a threat to lock into a statute and doing so could tie their hands and misallocate capital, Walden said.

While there are a lot of data breach issues to be addressed at the hearing, he said there are also the actions of some employees that need to be scrutinized.

Three

Equifax executives sold shares worth nearly $2 million

days after the breach was found, filings to the Securities and Exchange Commission showed.

"Company says they have no knowledge. Boy, the timing sure doesn't look good," Walden said.

The House investigation isn't the only probe into the data breach. The

Federal Trade Commission said Thursday it's investigating

what happened. And Senate Minority Leader

Chuck Schumer

also called for Equifax executives to agree to testify in the Senate.

Equifax shares have lost nearly a third of their value since Sept. 7, when the company reported the breach after market hours. The stock closed down more than 2 percent Thursday.

— CNBC's Thomas Franck, Liz Moyer, Todd Haselton and Yen Nee Lee contributed to this report.



More From CNBC