Equifax CEO Rick Smith out after massive data breach

Equifax Chairman and CEO Rick Smith has stepped down in one of its biggest moves so far to right its ship after the company's massive data breach.

The move, described Tuesday as a retirement, is effective immediately. Smith’s sudden departure prompted a trading suspension of the company’s stock Tuesday morning until the news was released.

The news comes as Equifax’s shares seemed to be recovering from a roughly 35 percent plunge in the wake of the hacking scandal. It has since bounced back about 12 percent, including a small gain Tuesday.

But it's unclear if the change at the top will be enough to head off a wall of threats to the company's future.

Some industry analysts argue that Equifax is so central to getting credit and loans in the United States that the company will survive investigations by Congress, by dozens of federal and state agencies, and the potential liabilities of more than 100 pending lawsuits.

“The full impact is unknown,” said Keith Snyder, an industry analyst with CFRA Research. But he doesn’t think the company is in danger of being taken over, breaking up, or failing. “This is such a critical piece of the financial system.”

But Equifax has handled the crisis so poorly, said Jeffrey Sonnenfeld, senior assistant dean at Yale School of Management, that he has his doubts.

“The enterprise has been put in real jeopardy,” he said. “The worst is yet to come.”

Meanwhile, Smith's stepping down puts a coda on a 12-year tenure in which he revved up a sleepy credit-tracking company's growth. Equifax tripled in sales under his leadership, and its market value more than quadrupled to $18 billion — until its plunge by $6 billion in recent weeks in the wake of the hacking scandal.

Just a month ago, Smith had been named in a local publication as one of Atlanta’s “most admired” CEOs.

Before Equifax disclosed Sept. 7 that thieves got away with vital information on 143 million Americans, including Social Security numbers, dates of birth and driver’s license numbers, Smith was “extremely well perceived,” said Ken Bernhardt, Regents Professor Emeritus at Georgia State University.

Since the breach, Equifax has announced the retirement of two executives responsible for its data security, ordered a third-party investigation, offered free credit freezes to consumers, and now, the change of its top leadership.

The company had to do something big to begin restoring customers’ faith in Equifax, said Bernhardt.

“I think they’re trying to show the public that they’re taking this breach seriously,” he said. “You can’t make a bigger change than changing the CEO.”

Rick Smith (left) is out as head of Equifax. Paulino do Rego Barros Jr. (center) has been named interim CEO. Board member Mark Feidler (right) has been named non-executive chairman.

Credit: equifax.com; msouth.com

icon to expand image

Credit: equifax.com; msouth.com

Tuesday, Equifax named Paulino do Rego Barros Jr., the head of Equifax’s Pacific-Asian operations, as its interim CEO, and board member Mark Feidler was named non-executive chairman.

In making the change, Equifax is trying to make amends for several missteps, experts said, and to head off a barrage of criticism, lawsuits and investigations that have erupted in recent weeks.

Equifax said the company will look for Smith’s eventual replacement both inside and outside the company.

Bernhardt said he would give Equifax a “D” for how it has handled the crisis so far because it was slow to disclose the problem, slow to accept responsibility, slow to apologize, slow to offer consumer protections such as credit freezes, and unprepared for the panic among consumers who swamped its call centers and website seeking help.

“The brand is now a very tarnished brand and they’ve got a lot of work to do,” said Bernhardt. He said Equifax’s new leaders need to restore confidence that the company is taking steps to avoid a similar data loss in the future, and show how it is going to make good on the damage consumers will likely suffer if their financial and personal identities are stolen and used for fraud.

But the company will survive, he added, because “banks need the information that they have available.”

Equifax most likely will want to find an industry veteran from outside the company to reassure angry consumers and lawmakers that the company is serious about fixing gaps that allowed the data theft to happen.

“They’re going to want someone who is well respected,” said Snyder. “It wouldn’t surprise me if they find someone with a deep security background.”

Equifax needs a new CEO, he said, who “tells consumers they have learned their lesson.”

In a statement, Feidler, Equifax’s new chairman, said, “The Board remains deeply concerned about and totally focused on the cybersecurity incident.”

“We are working intensely to support consumers and make the necessary changes to minimize the risk that something like this happens again,” he said. “Speaking for everyone on the Board, I sincerely apologize. We have formed a Special Committee of the Board to focus on the issues arising from the incident and to ensure that all appropriate actions are taken.”

Equifax’s appointments appeared to pass over three top executives — its chief financial officer and the presidents of two of its largest business units — who had recently sold a total of $1.8 million of company stock before the breach with disclosed to the public, raising questions about the propriety of the trading.

Barros, Equifax’s new interim CEO, was most recently head of Equifax’s Pacific-Asia unit, where he was involved in the company’s largest acquisition, the purchase of Australia credit-tracking firm Veda.

Feidler, a private equity executive and longtime Equifax board member called Barros “an experienced leader with deep knowledge of our company and the industry. The Board of Directors has absolute confidence in his ability to guide the company through this transition.”

In a statement, Smith called his tenure at Equifax “an honor, and I’m indebted to the 10,000 Equifax employees who have dedicated their lives to making this a better company.”

“The cybersecurity incident has affected millions of consumers, and I have been completely dedicated to making this right,” he said. “At this critical juncture, I believe it is in the best interests of the company to have new leadership to move the company forward.”

Some people had expected Smith’s departure, but not this soon.

Smith’s departure also drew complaints, given its timing just before a pair of coming congressional hearings in Washington, D.C., into the breach, including one before the Senate Banking Committee next week.

“A CEO walking out the door just days before he is to appear before Congress is an abdication of his responsibility, said U.S. Sen. Brian Schatz, D-Hawaii. “This company has jeopardized the financial health and security of 143 million people, and they need to be held responsible. So I fully expect Mr. Smith to testify before the Banking Committee next week, regardless of the timing of his retirement.”

Congressional staffers later confirmed that Smith is still slated to appear.

But that raises other problems, said Sonnenfeld, at Yale. “It’s really quite a mess,” he said. Smith “is no longer in charge,” he noted. Will Equifax also send other executives, he asked, to answer for the company’s future steps and commitments to fix its problems and commit to aiding consumers who are affected by the breach?

“It’s just going to make Congress angry,” he said.

Key players in current Equifax news

Rick Smith

Rick Smith has stepped down as chairman and chief executive officer of Equifax Inc., a position he has held since 2005.

Previously Smith spent 22 years with GE holding several president and chief executive officer roles. GE appointed Smith an officer of the company in 1999.

Smith was the 2009 chairman of the Metro Atlanta Chamber of Commerce and now serves on its board of directors and executive committee. As co-chairman of the Atlanta Super Bowl Bid Committee, Smith was part of the team instrumental in Atlanta’s winning bid for Super Bowl LIII in 2019.

In Atlanta, he is chairman of The Lovett School governance committee, former chairman of the strategic planning committee and serves on its board of trustees.

Smith is currently a trustee for The Boys & Girls Clubs of Metro Atlanta and has formerly been a director of the Operation HOPE global board, director of the YMCA of Metropolitan Atlanta, and a Trustee of the Woodruff Arts Center.

Smith earned a bachelor’s degree from Purdue University.

Source: Equifax website

Paulino do Rego Barros Jr.

Interim CEO Paulino Barros leads Equifax’s Asia-Pacific business. Previously, he led the company’s U.S. Information Solutions (USIS) business, which includes U.S.-based services that provide businesses with consumer and commercial information and insights related to areas of risk management, identity and fraud, marketing and a variety of industry-specific solutions.

Barros has also led the company’s International unit with responsibility for Latin America, Europe, Asia and Canada.

Before joining Equifax in April 2010, he was the founder and president of PB&C – Global Investments (LLC), an international consulting and investment firm.

Barros was the president of Global Operations for AT&T and held several executive leadership positions at the BellSouth Corporation before it was acquired by AT&T in 2006.

Previous executive experience with Motorola, Inc., The NutraSweet Company and with Monsanto Company.

Barros holds degrees in mechanical and electrical engineering from Escola de Engenharia Industrial and Faculdade de Engenharia de São José dos Campos in São Paulo, Brazil, as well as a master’s degree in business administration from Washington University, St. Louis.

Source: Equifax website

Mark Feidler

Equifax board member and newly appointed non-executive chairman, Mark Feidler joined MSouth in 2007 as a Partner and co-founder. MSouth is a private equity investment firm that provides equity capital and expertise to support management teams in acquisitions and recapitalizations of lower middle market companies typically valued between $25 and $150 million.

Feidler served as President and COO of BellSouth Corporation until its merger with AT&T in December 2006. From 2000 to 2003, Feidler was the COO of Cingular Wireless, with the formation of Cingular when BellSouth and AT&T merged their domestic wireless operations.

From 1991 to 2000, Feidler served as the head of corporate development for BellSouth and as President of various operating subsidiaries. From 1986 to 1990, Feidler worked in the investment banking department of The Robinson-Humphrey Company. From 1981 to 1986, Feidler was an associate in the corporate law section of King & Spalding. Feidler holds a B.A. in Economics from Duke University and a J.D. from Vanderbilt Law School.

Source: MSouth website


AJC Business reporter Russell Grantham keeps you updated on the latest news about major companies, CEOs and public utilities in metro Atlanta and beyond. You'll find more on myAJC.com, including these stories:

Never miss a minute of what's happening in local business news. Subscribe to myAJC.com.