Equifax CEO exits in wake of massive US data breach

The company said Smith, 57, retired effective Tuesday. Equifax has appointed Paulino do Rego Barros Jr., who most recently ran the company's Asia Pacific business, as the company's interim CEO.

Smith was scheduled to appear before the House Energy and Commerce Committee and Senate Banking Committee next week to answer questions about the hack.

Equifax said it would start a search for a new permanent CEO. It added that Smith will stay on as an "unpaid advisor to Equifax to assist in the transition."

The board apologized for the incident.

"The board remains deeply concerned about and totally focused on the cybersecurity incident," said board member Mark Feidler, who has been appointed non-executive chairman with Smith's retirement, in a statement. "We are working intensely to support consumers and make the necessary changes to minimize the risk that something like this happens again. Speaking for everyone on the board, I sincerely apologize."

Smith, who had led Equifax since 2005, has come under fire since the company disclosed the hack earlier this month. It's not publicly known when he became aware of the breach, which exposed Equifax customers' names, Social Security numbers, credit card data and other sensitive information. At an August meeting two weeks after the company discovered the hack, he stressed Equifax was putting "a huge priority" on protecting data.

Equifax's security chief and chief technology officer have also left the company since the hack. Wall Street analysts had predicted additional changes in leadership were in the works following the breach.

"For Equifax, this means there is going to be tremendous pressure coming from Congress to do a complete replacement of senior management," said Cowen analyst Jaret Seiberg in a recent note.

New York: The US Securities and Exchange Commission has announced it is setting up a special unit dedicated to identifying cyber-related misconduct.

The announcement came days after the top US financial regulator disclosed that it had been the victim of a hacking attack in 2016, and that the perpetrators may have been able to profit from the information.

In a statement the SEC said the new unit, which has been in the works for months, "will focus on targeting cyber- related misconduct" including market manipulation schemes, hacking and intrusions into retail brokerage accounts.

"Cyber-related threats and misconduct are among the greatest risks facing investors and the securities industry," said Stephanie Avakian, co-director of the SEC's Enforcement Division.

"The Cyber Unit will enhance our ability to detect and investigate cyber-threats through increasing expertise in an area of critical national importance."