Equifax CEO Richard Smith poses for a photo at the Equifax headquarters in Atlanta on May 30, 2007. Joey Ivansco / Atlanta Journal-Constitution via AP file

Equifax CEO Richard Smith retires after epic breach

Equifax CEO Richard Smith poses for a photo at the Equifax headquarters in Atlanta on May 30, 2007. Joey Ivansco / Atlanta Journal-Constitution via AP file

(NBC News)-The CEO of Equifax, Richard Smith, is retiring in the wake of a data breach, the credit bureau’s board of directors announced Tuesday morning.

“The cybersecurity incident has affected millions of consumers, and I have been completely dedicated to making this right,” Smith said in a statement. “At this critical juncture, I believe it is in the best interests of the company to have new leadership to move the company forward.”

More than 143 million Americans’ personal credit records, including name, address, Social Security number, date of birth and credit history were exposed in the data breach, the company previously announced. In addition, more than 200,000 credit card numbers were stolen, Visa and Mastercard said in a private notice to banks.

In March, vulnerability on a popular server software system used by Equifax and others was exposed by researchers and quickly exploited by hackers to gain control of entire systems that hadn’t been patched. Equifax said the breach on their systems occurred from mid-May to July.

A massive consumer outrage boiled over following the disclosure, with Americans rushing to freeze their credit reports, only to find Equifax’s website and systems overwhelmed. The company’s Chief Security Officer and Chief Information Systems Officer abruptly retired in the aftermath.

The FBI has opened an investigation into the incident, which affected 75 percent of the adult population of the United States. Cyber experts say a state actor as culprit couldn’t be ruled out.

More than 30 states attorney generals have now opened investigations into Equifax. The company is also fending off multiple consumer class action and small claims lawsuits.

Consumer advocates and security experts said that while Smith’s retirement was a step in the right direction it didn’t solve key underlying problems.

“The CEO has very little to do with cybersecurity; ultimately he just approves a budget,” a cybersecurity expert told NBC News. “Fresh faces will roll in, but they will find themselves constrained by the budgetary restraints.”

Read more here.

Skip to content