As reported earlier, American credit-rating company Equifax was subject to a massive security breach which resulted in the leak of 143 million customer data. Most of the customers were US citizens but Canadian and UK citizens were among the affected as well. The breach was identified on 29th July. Following the breach, the company has lost 25% of its share value in the stock market and trading on this stock was halted briefly. It was made public that company’s chief technology and chief security officers would retire.
Richard Smith’s ouster comes as a result of this event as he has retired from both his posts of CEO and chairman of the board of Equifax. The event has caused loads of concerns and criticisms as reports indicated the Equifax knew about a vulnerability in the system as early as March 2017 and failed to notify the public about the breach till September, six weeks after the attack. Since the incident, it has also come to light that three Equifax executives sold their stocks in the company in August before the breach was made public. While Equifax claims that the stock sale was not done with the knowledge of the breach, 36 US senators have written to regulators to investigate the incident.
Equifax took further hit as it started offering “TrustedID”, an identity theft monitoring program. As it turned out, the fine print of the terms and conditions of TrustedID required customers to waive their rights to sue Equifax or join any class action lawsuit against the company.