Equifax CEO Richard Smith is out after massive data breach

Richard Smith, the CEO of Equifax (EFX), has retired as both chief executive and chairman of the board, the company announced Tuesday.

Earlier this month, the credit data company reported that the information of 143 million Americans had been exposed as part of a data breach and the company has remained under fire since.

Smith’s departure also follows a September 15 announcement from the company that its chief security and chief technology officers would retire. This news was released late on a Friday evening.

Equifax announced Tuesday that current board member Mark Feidler will serve as executive chairman of the board. The company said it will look for candidates both inside and outside the company to replace Smith.

Shares of the company were down about 2% following the news and had been halted ahead of the release. Following the breach, shares of the company have plummeted and as of Tuesday morning the stock was down about 25% from where it traded before this disclosure.

The company has come under scrutiny since first revealing it had been breached as subsequent reporting showed the company had been aware of a vulnerability in its security systems since at least March 2017. Additionally, Equifax became aware of “suspicious network traffic” in late July, almost six weeks before the company publicly disclosed the incident.

In early August, three company executives sold stock in the company. The company has said the executives, which included its chief financial officer, had no knowledge of the breach before the sale.

The company has also caught the ire of lawmakers since disclosing the initial breach, with 36 U.S. senators sending a letter to regulators to investigate this sale of stock by executives following the company’s knowledge of the breach.

Adding to the company’s PR struggles since its initial disclosure have been mishaps related to how the company has sought to aid customers who had their information compromised.

Yahoo Finance’s Ethan Wolff-Mann noted that the company immediately offered customers a complimentary ID-theft monitoring program called TrustedID. However, many noted that the TrustedID terms of service required users to waive their right to sue or join a class action lawsuit to enroll in the product.

Gizmodo also reported that the company had been sending customers to a fake phishing website with a URL similar to its official equifaxsecurity.com website set up following the breach.

This post will be updated.

—

Myles Udland is a writer at Yahoo Finance. Follow him on Twitter @MylesUdland

Read more from Myles here:

• JPMorgan: The cryptocurrency market looks like a pyramid scheme

• America’s shortage of workers is about to get ‘much worse’

• The government can’t stop people from making the single-biggest investing mistake

• It’s never been harder to fill a job in America

• Berkshire’s Bank of America win is more proof you can’t invest like Buffett

• Two charts show why the stock market today is nothing like the tech bubble