Equifax CEO Steps Down After Massive Data Breach
26.9.2017 securityweek CyberCrime
Equifax CEO Richard Smith Steps Down After Massive Data Breach, Will Not Get Annual Bonus
Equifax chairman and CEO Richard Smith stepped down Tuesday, just weeks after the company disclosed a massive data breach that exposed more than 143 million U.S. individuals.
Paulino do Rego Barros, Jr., who most recently served as President, Asia Pacific, and is a seven-year veteran of the company, has been appointed as interim Chief Executive Officer.
The company said that Board member Mark Feidler has been appointed to serve as Non-Executive Chairman.
According to an SEC filing, Smith will not receive his annual bonus outlinted in a 2008 employment agreement, and added that he "irrevocably disclaims any right he may have to such bonus."
The credit ratings firm said it would conduct a search for a new permanent CEO, and would consider both internal and external candidates. Smith has agreed to serve as an unpaid adviser to Equifax to assist in the transition.
News of Smith's departure comes just days after Equifax announced that Chief Security Officer Susan Mauldin and Chief Information Officer David Webb had retired from the company.
"The Board remains deeply concerned about and totally focused on the cybersecurity incident. We are working intensely to support consumers and make the necessary changes to minimize the risk that something like this happens again,” Feidler said in a statement. “Speaking for everyone on the Board, I sincerely apologize.”
Feidler said the company has formed a special committee to focus on the issues arising from the breach “to ensure that all appropriate actions are taken."
The breach, which affects roughly 143 million U.S. consumers, involved names, social security numbers, dates of birth, addresses and, in some cases, driver’s license numbers. Roughly 100,000 Canadians were also affected by the incident.
After New York Attorney General Eric T. Schneiderman announced the launch of a formal investigation into the Equifax breach, Illinois and nearly 40 other states joined the probe as of Sept. 20.
Equifax says that it maintains data on more than 820 million consumers and more than 91 million businesses worldwide.
Equifax shares have fallen more than 30% since the disclosure of the breach, wiping more than $5 billion off the company’s market capitalization.