The Internal Revenue Service signed a $7.25 million contract with Equifax last month. The no-bid contract, first reported by Politico, is for Equifax to provide the IRS with taxpayer and personal identity verification services. The contract stated that Equifax (EFX) was the only company capable of providing these services to the IRS, and it was deemed a “critical” service that couldn’t lapse.

The news of the contract came on the same day that lawmakers heard from the company’s former chairman and chief executive on how hackers were able to access the information of 145 million Americans, including Social Security numbers and dates of birth. The executive, Richard Smith, apologized to a House panel for the data breach.

Rep. Earl Blumenauer, D-Ore., said in a letter to IRS Commissioner John Koskinen that he initially thought his staff was sharing a copy of the Onion, a humor newspaper, until he realized the story about the contract was true.

“I am shocked that the IRS would contract with this firm for activities that they are clearly unfit to carry out,” Blumenauer wrote.

Blumenauer said the news of the Equifax breach was public in early September, giving the agency time to re-evaluate its decision. He requested that the agency share with him the materials used to justify the awarding of the contract.