Equifax CIO, CSO step down

A week after publicly acknowledging a massive data breach that affected as many as 143 million consumers, Equifax on Friday announced that its Chief Information Officer and Chief Security Officer are "retiring," effective immediately.

CIO David Webb will be replaced in the interim by Mark Rohrwasser, who has led Equifax's international IT operations since joining the firm in 2016. CSO Susan Mauldin will be replaced in the interim by Russ Ayres, who most recently served as a VP in Equifax's IT organization. He will report directly to the CIO.

Equifax's big fat fail: How not to handle a data breach

The credit rating and reporting firm is still investigating the breach, which they discovered after noticing suspicious network traffic on July 29. The breach impacted as many as 143 million US consumers, as well as some Canadian residents and potentially around 400,000 UK consumers.

Equifax on Friday also gave an updated timeline of its response to the incident, confirming that it turned to the cybersecurity firm Mandiant to assist in a forensic review of the intrusion -- a development first reported by ZDNet last week, the day the breach was announced.

Equifax also noted that it continues to add call center agents available for consumer support and said that it is "resolving issues with the impact look-up tool." Among other changes to its support services, Equifax also said it "continues to work on technical difficulties related to the high volume of security freeze requests."

Related coverage:

• Equifax: 400,000 UK consumers could be affected by data breach
• Equifax confirms Apache Struts security flaw it failed to patch is to blame for hack
• Security firm Mandiant said to be helping Equifax in hack aftermath