Equifax CEO steps down over huge data breach

Firm accused of lacklustre response to breach exposing sensitive details of 143 million

Three Equifax executives  sold $1.8 million in company shares in the days after the breach was discovered. Photograph:  Lucas Jackson/Reuters

Three Equifax executives sold $1.8 million in company shares in the days after the breach was discovered. Photograph: Lucas Jackson/Reuters

 

The chairman and chief executive of Equifax, Richard Smith, stepped down Tuesday in the aftermath of a data breach that exposed the personal information of as many as 143 million people, the credit reporting agency said.

Equifax said that Paulino do Rego Barros jnr, most recently the president of its Asia-Pacific region, had been appointed interim chief executive. The company said it planned to conduct a search for a new chief executive and would consider candidates from inside and outside the company.

“Speaking for everyone on the board, I sincerely apologise,” Mark Feidler, the Equifax board’s new chairman, said in a statement. He said the board has formed a special committee to address the data breach. The company declined to make Mr Feidler and Mr Barros available for interviews.

Unpatched flaw

Equifax, which is based in Atlanta, said this month that hackers had exploited an unpatched flaw in its website software to extract names, social security numbers, birth dates, addresses and other information about millions of people. The company faced a blistering outcry from lawmakers and the public for failing to protect the sensitive data and for a response that many considered lackluster.

Three Equifax executives, including its chief financial officer, John Gamble jnr, sold $1.8 million (€1.5 million) in company shares in the days after the breach was discovered, but before it was publicly disclosed. Equifax has said the executives were unaware of the breach at the time of the stock sales.

Copyright New York Times 2017