Richard Smith is out as Equifax CEO following a breach that potentially exposed the personal information of 143 million people.
"The cybersecurity incident has affected millions of consumers, and I have been completely dedicated to making this right. At this critical juncture, I believe it is in the best interests of the company to have new leadership to move the company forward," Smith said in a statement.
The Equifax breach exposed credit card numbers for about 209,000 US consumers, and certain dispute documents with personal identifying information for 182,000 US consumers were accessed. Hackers also got their hands on names, Social Security numbers, birth dates, addresses, and some driver's license numbers.
Smith's departure is effective immediately, though he will be an "unpaid adviser" during the search for a new CEO. Until then, Paulino do Rego Barros, Jr., previously President of Asia Pacific for Equifax, will be interim CEO, while current board member Mark Feidler will become non-Executive Chairman.
"The Board remains deeply concerned about and totally focused on the cybersecurity incident," according to Feidler, who was previously president and COO of BellSouth Corporation and COO of Cingular Wireless. "We are working intensely to support consumers and make the necessary changes to minimize the risk that something like this happens again."
Feidler continued: "Speaking for everyone on the Board, I sincerely apologize. We have formed a Special Committee of the Board to focus on the issues arising from the incident and to ensure that all appropriate actions are taken."
For some people, appropriate action would be to shut down Equifax entirely, given that its entire business model is securing the personal information of consumers—who cannot opt out of having their data collected by Equifax.
Equifax's reponse was also criticized, as concerned citizens were directed to a website that asked them to enter their last name and last six digits of their Social Security numbers to see if they were affected. That was odd, coming from a company that had just experienced a cyber attack; why would you give it more personal information? But the responses people got after entering that information was also confusing and in many cases, unhelpful.
Earlier this month, Sen. Mark Warner—a member of the Banking, Budget and Finance committees and cofounder of the bipartisan Senate Cybersecurity Caucus—asked the Federal Trade Commission to examine the breach. The data stolen, he wrote, "will expose Americans to identity theft, tax fraud, extortion, and other risks.
The Senate Banking Committee has scheduled a hearing on the Equifax breach for Oct. 4, at which Smith is expected to testify.