Consumer Financial Protection Bureau is revoking its investigation into credit agency Equifax, which allowed hackers to access the personal information of more than 145 million Americans. This raised questions as to why the ones who oversee the nation’s top consumers are not vigorously looking into one of the worst data breaches in the country’s history.

“The bureau’s interim director, White House budget chief Mick Mulvaney, has taken us through the looking glass by deciding not to issue subpoenas or seek sworn testimony from Equifax execs.”

The CFPB set aside plans to run on the ground tests to see how efficiently Equifax protects data.

The agency said stated, “the bureau is looking into Equifax data breach and response. Reports to the contrary are incorrect.”

Consumer advocates caught on to a pattern of Mulvaney crippling the CFPB’s regulatory role over the financial services industry.

Senior legislative counsel for the Center for Responsible Lending, Yana Miles said Mulvaney “is finding new ways to sabotage the consumer bureau.”

Trump’s contempt for the CFPB has been made clear. CFPB has returned about $12 million to vexed consumers since their opening.

“House Democrats have formally requested that Equifax extend free credit protection and identity theft from one year to three years following Equifax’s massive loss of 145.5 million Americans’ private information. Democratic members of the House Committee on Oversight and Government Reform said that ‘one year of protection is inadequate.”

Waiting for the current administration or US Congress to take action that might actually hold corporate America accountable would be a waste of time. To our comfort, we don’t need the United States government to do anything. The European Union already took initiative to it with the General Data Protection Regulation (GDPR), which goes into effect in May.

Tomer Weingarten, CEO, and co-founder of SentinelOn says,“Organizational security needs real attention from the CEO and top leadership in order to start mapping risk in the enterprise. Business decisions must be heavily influenced by cyber risk and potential outcomes. This won’t come naturally, but as a society, if we want to move forward and better ourselves from past mistakes, this is what must be done, and mandated policy on the handling of these situations must be enforced.”