What took him so long? The CEO of Equifax is ‘retiring’

Seeking to extinguish a PR inferno.
Seeking to extinguish a PR inferno.
Image: AP Photo/Mike Stewart
We may earn a commission from links on this page.

It was the least he could do.

The chairman and chief executive officer of Equifax announced today (Sept. 26) that he’s retiring (paywall). The news came amidst the huge scandal engulfing his Atlanta-based credit bureau this month, following a data breach that siphoned the personal information of 143 million Americans to hackers. The breach, which led to an outcry from lawmakers and the public, has sparked more than 30 states to open investigations into the company. Earlier this month, Equifax’s chief security and chief information officers both stepped down.

Richard Smith, who spent 22 years at General Electric before joining Equifax in 2005, won’t have much time to relax in his immediate retirement. He is expected to appear in October before the US House Energy and Commerce Committee to answer for the lapse in security at Equifax.

The data breach is particularly astounding given the number of people affected, and also because the company knew about the hack on July 29, more than a month before it revealed it publicly Sept. 7. And four days after the hacking, three executives in the company sold close to $2 million in company stock, though Equifax maintains the men knew nothing about the breach at the time.

To make matters worse, the company set up a website for consumers to figure out if their information was hacked—and the site included a legal clause stating that anyone who signed up for protective services waived the right to join a class-action lawsuit against the company. (The company eventually removed that clause.)

Smith, once admired on Wall Street for his business acumen, says he is retiring at 57. He’s leaving the company during a perfect storm of public-relations nightmares: Bad data security, a delayed response to a scandal, questionable stock sales, potentially uninformed senior management, and a confusing website for consumers who just want to figure out if they’re data was stolen. (And it’s really important to figure that out.)