Equifax CEO Richard Smith is retiring effective immediately as the credit reporting agency tries to clean up the mess left by a damaging data breach that exposed highly sensitive information about 143 million Americans.
The shake-up announced Tuesday comes after Equifax disclosed that hackers exploited a software flaw that the company didn’t fix to heist Social Security numbers, birthdates and other personal data that provide the keys to identify theft.
Smith will also step down from the chairman post. He had been Equifax’s CEO since 2005. Paulino do Rego Barros Jr. was named interim CEO, while board member Mark Feidler was appointed non-executive chairman. Barros most recently served as president of the Asia Pacific region.
Equifax said that it will conduct a search for a permanent CEO, considering both internal and external candidates.
While the company said in a statement that Smith was retiring, Equifax said in a regulatory filing that it has not entered into any other arrangement or agreement with Smith in connection with his retirement. He will however, serve as an unpaid adviser to help with the transition process.
Equifax (EFX) is one three major companies that track the credit histories of almost all Americans and sell that sensitive information to banks, credit card companies and other clients.
The breach left its customers — who never signed up for the service in the first place — feeling helpless and vulnerable to identify theft. The company’s response made things even worse.
Smith, who had also served as chairman, isn’t leaving the company completely. Equifax said he agreed to serve as an “unpaid adviser” to assist in the CEO transition.
“The cybersecurity incident has affected millions of consumers, and I have been completely dedicated to making this right,” Smith said.
Mark Feidler, an Equifax board member, was tapped to take over as the company’s non-executive chairman.