Equifax CEO Exits Following Massive Data Breach

Equifax’c chairman and chief executive, Richard Smith is to leave the company effective immediately in the wake of a massive data breach that exposed the personal details of millions of people.

Smith, who has been chairman and chief executive since 2005, is the third senior executive to leave Equifax since the breach was announced earlier this month, following the departures of the firm’s chief information officer and chief security officer.

UK consumers affected

The breach exposed names, social security numbers, birth dates, addresses and, in some cases, driver’s licence numbers and affected about 143 million people. It exposed the credit card numbers of around 209,000 US consumers and the personal details of about 400,000 UK consumers, whose information was mistakenly stored in the US.

“The cybersecurity incident has affected millions of consumers, and I have been completely dedicated to making this right,” Smith stated. “At this critical juncture, I believe it is in the best interests of the company to have new leadership to move the company forward.”

Current board member Mark Feidler is to take over as non-executive chairman, while the company has appointed Paulino do Rego Barros Jr., who most recently was president of Equifax’s Asia-Pacific operations as interim chief executive. The company said it has initiated a search for a new permanent chief executive.

Confusing response

“The Board remains deeply concerned about and totally focused on the cybersecurity incident,” Feidler stated. “We are working intensely to support consumers and make the necessary changes to minimise the risk that something like this happens again. Speaking for everyone on the Board, I sincerely apologise.”

The breach, which gave attackers access to Equifax’s network between mid-May and July of this year, has resulted in a number of investigations and lawsuits, and has seen Equifax’s share price lose a quarter of its value since the announcement.

Equifax was criticised for its confusing response to the hack and for waiting a month before informing clients. A class action lawsuit has been filed accusing it of negligence.

The US Senate committee on banking, housing and urban affairs is set to hold a hearing on the matter on 4 October and Smith is still scheduled to testify before it.

Several top executives sold shares worth $1.7 million (£1.3m) a few days before the hack was announced, something also reportedly being investigated by federal authorities.

Do you know all about security in 2017? Try our quiz!