Equifax Chairman and CEO Richard Smith stepped down Tuesday in the wake of a massive cybersecurity breach that exposed the birth dates, social security numbers, and other personal information of 143 million Equifax customers, The New York Times reports.
Paulino do Rego Barros Jr. will vacate his post as the company’s president of the Asia-Pacific region to assume the CEO duties in an interim capacity, the Times says. Equifax will consider candidates from both inside and outside the company as permanent replacements.
According to the Times, Mark Feidler will become chairman of the board.
“Speaking for everyone on the board, I sincerely apologize [for failing to protect the seized data],” Feidler said in a statement, per the Times. Feidler said, per the Times, that the board has formed a special committee to handle the breach.
Lawmakers, as well as the general public, have taken issue with Equifax’s failure to secure the data, and some have cast aspersions upon the company’s handling of the fallout that followed the breach.
Equifax set up a special-purpose website to provide information about the attack, and to help customers contain the damage. Among the website’s primary offerings was a tool by which a customer could enter his information and find out whether the breach had affected him. But the tool ran into a number of problems. Moreover, the company struggled to field the myriad calls that flooded its customer support lines.
The Times reports that three Equifax executives sold a combined $1.8 million worth of stock in the company in the days after the breach had been discovered but before it had been disclosed. Equifax said, per the Times, that the executives mentioned were unaware of the breach when they offloaded the shares.
Smith is the third prominent Equifax executive to vacate his post in response to the breach. The company’s chief information officer and chief security officer both stepped down September 14.
“Mr. Smith has been very cooperative and supportive of this approach,” Equifax spokesman Wyatt Jefferies said per the Times.
Smith had served as CEO since 2005. In his 12 years with the company, he more than doubled its annual revenue, the Times notes. He was renowned amongst Wall Street experts for his ability to develop innovative products, and for his sales acumen.
As of now, Equifax has not terminated Mr. Smith, but the terms reached prior to his departure allow the board to retroactively fire him for cause, the Times says. The company will provide neither severance nor accelerated vesting of stock options to Smith, and he will not receive a bonus for 2017 (Equifax awarded him $3-million bonuses in 2015 and 2016).
Smith will retain $18.4 million in pension benefits.
Smith is scheduled to appear at congressional meetings regarding the breach in the coming weeks: one held by the House Energy and Commerce Committee on October 3, the other by the Senate Banking, Housing and Urban Affairs Committee the following day.
Senator Brian Schatz of Hawaii, a leading member of the latter committee, issued a statement ordering Smith to appear for the appointment and admonishing the former executive for shirking his responsibility for the breach.
“A CEO walking out the door just days before he is to appear before Congress is an abdication of his responsibility,” Schatz said, according to the Times.
But, Jefferies, the Equifax spokesman, has indicated that Smith intends to comply with Congress’ demands. “If Congress asks him, he will go,” said Jefferies of Smith.
Schatz is one of the several senators who have, in the wake of the Equifax incident, advocated legislation that would give consumers more latitude to protect their credit information.
The FBI is currently leading a criminal investigation into the breach, the Times says, and attorneys general in 30 states have launched their own probes into the matter. On September 19, the Massachusetts Attorney General sued Equifax seeking civil damages and more compensation.
Featured image via Vimeo