Many in the business world are reeling from the latest revelations concerning data breaches with Deloitte, Yahoo, and Equifax. On Tuesday, the former CEO for Equifax testified before Congress, throwing more gasoline on the fire.

Reporting on the hearing in Wired, Lily Hay Newman delves into six key areas. Below are the headliners from each of those findings.

1. The timeline of when executives knew about the breach is disheartening and suspect.

2. The patching process was inadequate.

3. Sensitive consumer information was stored in plaintext rather than encrypted.

4. Security reviews were only required on a quarterly basis.

5. Equifax won’t comment on, or rule out, nation-state attackers.

6. The credit agency made its breach notification site a separate domain because its main site wasn’t up to the task.

Read Newman’s full report in Wired.