custom ad
NewsSeptember 27, 2017

NEW YORK -- Equifax CEO Richard Smith retired effective immediately Tuesday, as the credit-reporting agency tries to clean up the mess left by a damaging data breach that exposed highly sensitive information about 143 million Americans. His departure follows those of two other high-ranking executives after Equifax's disclosure hackers exploited a software flaw the company didn't fix to access people's Social Security numbers, birthdates and other personal data that provide the keys to identify theft.. ...

By KEN SWEET and MICHAEL LIEDTKE ~ Associated Press
Equifax CEO Richard Smith poses for a photo at the Equifax headquarters May 30, 2007, in Atlanta.
Equifax CEO Richard Smith poses for a photo at the Equifax headquarters May 30, 2007, in Atlanta.Joey Ivansco ~ Atlanta Journal-Constitution via AP, file

NEW YORK -- Equifax CEO Richard Smith retired effective immediately Tuesday, as the credit-reporting agency tries to clean up the mess left by a damaging data breach that exposed highly sensitive information about 143 million Americans.

His departure follows those of two other high-ranking executives after Equifax's disclosure hackers exploited a software flaw the company didn't fix to access people's Social Security numbers, birthdates and other personal data that provide the keys to identify theft.

Smith, who had been Equifax's CEO since 2005, also will step down from the chairman post. Paulino do Rego Barros Jr., most recently president of the Asia Pacific region, was named interim CEO, while board member Mark Feidler was appointed non-executive chairman. Equifax said it will look inside and outside the company for a permanent CEO.

Equifax said Smith was retiring, but will not receive his annual bonus and other potential retirement-related benefits until the company's board concludes an independent review of the data breach. If the review does not find Smith at fault, he could walk away with a retirement package of at least $18.48 million, along the value of the stock and options he was paid out over his 12-year tenure.

Even with the departures of three top executives, Equifax still is facing several inquiries and class-action lawsuits, including congressional investigations, queries by the Federal Trade Commission and the Consumer Financial Protection Bureau, as well as several state attorneys general. Three executives, none of them among those who have left, were found to have sold stock for a combined $1.8 million before Equifax disclosed the most serious breach, though the company said they were unaware of it at the time.

This photo shows the Equifax Inc. headquarters July 21, 2011, in Atlanta.
This photo shows the Equifax Inc. headquarters July 21, 2011, in Atlanta.Mike Stewart ~ Associated Press, file

Although analysts previously had applauded Equifax's performance under Smith, he and the rest of his management team had come under fire for lax security and its response to the breach. Confusion over the terms of credit-monitoring protection and jammed phone lines added to people's ire. Its stock has lost a third of its value -- a $5.5 billion setback.

Equifax tried to appease incensed lawmakers, consumers and investors by announcing the unceremonious retirement of its chief security officer and chief information officer, who were responsible for managing and protecting the company's technology. But that wasn't enough, with lawmakers drawing up bills that would impose sweeping reforms on Equifax and its two main rivals, Experian and TransUnion.

Receive Daily Headlines FREESign up today!

Smith had been scheduled to appear at two congressional hearings next week that likely would have turned into a public lambasting. The House Energy and Commerce committee said in a tweet it still plans to hold its hearing Oct. 3. A member of the Senate Banking Committee said he still wanted Smith to appear Oct. 4 as planned.

"A CEO walking out the door just days before he is to appear before Congress is an abdication of his responsibility. This company has jeopardized the financial health and security of 143 million people, and they need to be held responsible. So I fully expect Mr. Smith to testify before the Banking Committee next week, regardless of the timing of his retirement," said Sen. Brian Schatz, D-Hawaii.

The data breach might not have happened if Equifax had responded promptly to a March warning about a known security weakness in a piece of open-source software called Apache Struts. Even though a repair was released, Equifax didn't install it immediately. Digital burglars used the crack in Equifax's computer systems to break in from May 13 through July 30, according to the company's accounting.

Equifax said it didn't fathom the breadth of information that had been stolen until shortly before issuing a public alert Sept. 7, triggering the wave of withering condemnations that has led to Smith's departure.

The jobs of other Equifax executives still could be in jeopardy. The three who sold shares, including Equifax's chief financial officer, are under scrutiny.

Smith's departure also won't make life any easier for most of the U.S. adult population who had their information accessed and now must worry about impostors assuming their identities to obtain credit cards and apply for loans.

Equifax Inc. is providing a year of free protection against identify theft for anyone who wants it, but some lawmakers are trying to pressure the company into extending that offer for the next decade. Some experts say that still isn't enough to guard against identify theft and are advising consumers to put a freeze on their files at Equifax, Experian and TransUnion to prevent anyone from getting a loan under their names.

A credit freeze though creates its own headaches since it also prevents the person making it from getting a new credit card, mortgage, auto loan or even an expensive smartphone paid through monthly installments. It also costs money to do at Experian and TransUnion in most states. Equifax is temporarily waiving its normal fee for credit freeze as another part of its effort make amends for its security breakdown.

Liedtke contributed from San Francisco.

Story Tags
Advertisement

Connect with the Southeast Missourian Newsroom:

For corrections to this story or other insights for the editor, click here. To submit a letter to the editor, click here. To learn about the Southeast Missourian’s AI Policy, click here.

Advertisement
Receive Daily Headlines FREESign up today!