Equifax CEO Retires in Wake of Breach
After the company's CIO and CSO resigned Sep. 14, Chairman and CEO Richard F. Smith follows them out the door.
Equifax CEO Richard F. Smith retired today, stepping down in the wake of a massive data breach that leaked Social Security Numbers, birthdates, addresses, and other personal data of 143 million people. Smith, who held the position since 2005, follows the company's CSO and CIO, who both resigned Sep. 14.
The credit reporting firm has received sharp criticism for both its data security practices and its breach response efforts.
Attackers lifted the data by exploiting an unpatched vulnerability in the company's website. The public was not notified until months after the incident was discovered. Services set up to inform individuals whether or not they were impacted were fraught with problems -- giving users conflicting information and requiring them to waive certain legal rights (until public outcry pressured Equifax to remove the clause). An offer of one year of free credit reporting, from the very credit reporting firm that had just been breached, was also considered insufficient.
There were also questions of corruption, as three Equifax executives, including the CFO, sold their shares in the company in the days following the breach discovery. Equifax has stated that these executives were unaware of the incident at the time.
Both state and federal government bodies have launched investigations into the Equifax incident. Smith had agreed to testify before the House Energy and Commerce Committee in early October.
Read more at Reuters and theNew York Times.
Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.
About the Author
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024