Equifax already got rid of Mr. Smith, who announced his retirement last week. Even though he no longer works at Equifax, he was the only representative of the company to testify at the hearing. An Equifax spokesman, Wyatt Jefferies, declined to say whether any current executives had been invited to appear on Capitol Hill.

The company previously said that an unpatched software flaw had been to blame for the massive security breach, but on Tuesday, Mr. Smith went a step further, describing the “human error and technology failures” that turned a single oversight into a data breach that allowed attackers to obtain personal details on nearly half of America’s population.

In early March, the Department of Homeland Security sent Equifax and other companies an alert about a critical vulnerability in software that Equifax used in an online portal for recording customer disputes.

The company sent out an internal email requesting that its technical staff fix the software, but “an individual did not ensure communication got to the right person to manually patch the application,” Mr. Smith told the subcommittee. That was compounded by a technical error: The scanning software that Equifax used to detect vulnerabilities failed to find the unpatched hole, he said.

Lawmakers from both parties — many of them citing anecdotes from family members, staffers or constituents who have been caught up in the breach — called for greater government oversight of the largely unregulated credit reporting industry.

“We could have this hearing every year from now on if we don’t do something to change the current system,” said Representative Joe L. Barton, Republican of Texas. He called for new federal laws to “put some teeth” into penalties for data breaches.