REP. COSTELLO URGES DATA SECURITY REQUIREMENTS IN FEDERAL CONTRACTS
Washington, D.C. – Rep. Ryan Costello (PA-06) joined a bipartisan group of his colleagues on the Energy and Commerce Committee in sending a letter to the General Services Administration (GSA) requesting information on GSA’s data security evaluations when considering and awarding federal contracts.
The Committee was made aware GSA had previously awarded federal contracts to Equifax, a company whose security breach resulted in 145.5 million Americans having their Social Security Numbers, addresses, names, and other personal information compromised due to cybersecurity vulnerabilities at the company. Contracts awarded by GSA to Equifax were for data work with the Internal Revenue Service, Social Security Administration and the Centers for Medicare and Medicaid Services.
“Companies that handle consumers’ personal information as part of their work with the federal government must demonstrate an ability to protect this sensitive information as part of the contract application process - no excuses,” said Rep. Costello. “Similarly, federal agencies vetting potential contractors should have a strong confidence in those companies’ ability to securely guard such information.”
This letter follows Rep. Costello’s previous and ongoing scrutiny over the breach and his work to make sure those responsible are held accountable. In early October at an Energy and Commerce Committee Subcommittee hearing, he questioned the former CEO of Equifax on the data breach, including why the company was not prepared to assist its customers in the face of such a breach. Rep. Costello also signed onto a letter sent to the Internal Revenue Service (IRS) that questioned the decision by the IRS to continue its contract for data services with Equifax even after the breach. The IRS has since suspended the contract.