The Board of Directors for Equifax, Inc. announced the retirement of Chairman of the Board and CEO Richard Smith. Smith’s retirement follows the September 7 announcement of a data breach that affected an estimated 143 million consumer records as well as the stepping down of Chief Information Officer David Webb and Chief Security Officer Susan Mauldin September 15. Equifax’s Board of Directors appointed current board member Mark Feidler to serve as Non-Executive Chairman.
Seven- year veteran Paulino do Rego Barros, Jr., who recently served as President of the company’s Asia-Pacific business, has been appointed as interim CEO as the Board searches for a permanent individual both within and outside of the company.
On October 3, Former Equifax CEO Richard E. Smith testified before the U.S. House Committee on Energy and Commerce. Smith served as the Chairman and CEO of Equifax for the last 12 years. He stepped down on September 25, in the wake of the data breach.
During the hearing, Smith opened with remarks from his prepared testimony, where he took full responsibility as former CEO of what happened on his watch.
“Equifax was entrusted with Americans’ private data and we let them down,” Smith said. “To each and every person affected by this breach, I am deeply sorry that this occurred.”
Smith continued, “The people affected by this are not numbers in a database. They are my friends, my family, members of my church, the members of my community, my neighbors.”
Despite his apologetic nature, the committee before him wasn’t merciful. During the hearing, Janice Schakowsky (D-Ill.) said that Equifax deserved to be shamed. In addition, Rep. Greg Walden (R-Ore.) said, “we’re here today to do what Equifax hasn’t done the last few months, and that’s put their customers first.”
Smith’s testimony notes that the breach occurred because of both “human error and technology failures.” In response, Walden said, “I don't think we can pass a law that, excuse me for saying this, fixes stupid."
Rep. Joe Barton (R-Texas) was also skeptical of Smith, as he said that a law should be set that would fine Equifax for every consumer who's been affected by the breach.
"You're really just required to notify everybody and say, so sorry, so sad," Barton said to Smith. "It seems to me you might pay a little more attention to security if Equifax were required to pay every consumer who was affected several thousand dollars."
"We could have this hearing every year, from now on, if we don't do something to change the current system," Barton said.
Congress also questioned Smith on why three Equifax executives sold company stock shortly after the data breach, why it took so long for the company to inform the public, and what the company plans to do to better the future.
To view the all the takeaways from Tuesday’s hearing, click here.