One year after Equifax, credit rating agencies still reside in a cyber gray area

It's been a year since the massive Equifax data breach was revealed, but Congress and federal agencies appear stuck in neutral when it comes to crafting a policy response that would address cybersecurity requirements for consumer credit agencies, including breach-notice and related issues.

The hack at Equifax -- which exposed Social Security numbers and other sensitive information on approximately 150 million Americans -- raised policy questions related to timing of that firm’s notification of consumers, its acknowledged failure to apply...