top information-security executives are leaving the credit-reporting company after a data breach that exposed the personal financial information of 143 million Americans.
The consumer-data firm’s CIO, David Webb, and its chief security officer, Susan Mauldin, are “retiring” a week after Equifax announced the cyber attack that has been called one of the worst such data breaches in US history, Equifax said in an emailed statement.
Webb will be replaced by Mark Rohrwasser, who joined the company last year. Mauldin will be replaced by Russ Ayres. Both Rohrwasser and Ayers have previously worked in Equifax’s IT division.
The hack occurred between mid-May and July, Equifax said, when it first disclosed the break in last week.
The company said criminals had accessed details including names and social security numbers. Credit card numbers for about 209,000 people, and certain documents for another 182,000 were also accessed. Equifax has set up a website to help people figure out if they are among those whose information was compromised.
The company said there was no evidence of a breach into its core consumer or commercial credit reporting databases, and has since admitted tha said the source of the breach was a software flaw that could have been prevented.
Three Equifax executives sold nearly $US2 million in company stock just days after the breach. The company said the executives “had no knowledge” of the incident beforehand, according to an emailed statement from the credit-monitoring agency.
Some US lawmakers have called for an investigation of the breach.
The breach could be one of the biggest in the United States, Reuters reported. Last December, Yahoo said more than one billion user accounts were compromised in August 2013, while in 2014 eBay had urged 145 million users to change their passwords following a cyber attack.