Dear Neighbor,

Like so many in our community, I remain deeply concerned about the September 2017 data breach of Equifax, one of the nation’s largest consumer credit reporting agencies. The breach may no longer be making headlines, but it remains a very real concern for the 143 million Americans whose personal information was illegally accessed and exposed.

This week I joined my Democratic colleagues on the Oversight and Government Reform Committee in sending a letter to Equifax urging them to extend from one year to at least three years the credit protection and identity theft services they are offering victims of the breach. There is no expiration date on the nagging sense of anxiety and uncertainty that this massive technological and regulatory failure brought upon millions of Americans. It is only fair that Equifax continue the expanded protections they are providing the victims of their negligence.

Unfortunately, I worry the Trump administration is no longer holding Equifax accountable for this breach. Recent news reports indicate that the Consumer Financial Protection Bureau, led by Acting Director Mick Mulvaney, is prematurely slowing down or ending its investigation into the Equifax breach. The core mission of the CFPB is to provide the American public with advocacy and security in the face of harmful assaults against their basic rights as consumers. If these reports are true, Acting Director Mulvaney has completely abdicated his responsibility to the American consumers he swore to protect.

I have sent a letter to Acting Director Mulvaney demanding answers to the following questions:

1. What decisions have you personally made regarding CFPB’s investigation into the Equifax data breach?
2. Has CFPB assessed whether Equifax has complied with federal consumer financial law?
3. What agencies is CFPB working with regarding Equifax’s data breach and response?
4. Has CFPB declined offers by the Federal Reserve, Federal Deposit Insurance Corp, or Office of the Comptroller of the Currency to help with on-site exams of credit bureaus?
5. Will CFPB by itself or in conjunction with partner agencies conduct on-the-ground tests of how Equifax protects data? If so, when do you expect these tests to occur?
6. Does CFPB plan to seek sworn testimony from Equifax executives prior to closing this matter?
7. What steps has CFPB taken or does CFPB plan to take in looking into the Equifax data breach?
8. Has CFPB communicated with credit reporting agencies regarding their business practices to prevent future breaches and consequential harm to the public?