Equifax CEO Richard Smith is out after the credit bureau reported a massive data breach earlier this month. >> Read more trending news The move, described as a retirement, was made effective immediately on Tuesday. Paulino do Rego Barros Jr., the head of Equifax’s Asian operations, has been named interim CEO, and board member Mark Feidler has been named non-executive chairman. Officials with the Atlanta-based credit reporting and technology company said a “cyber security incident” might have exposed the personal information of 143 million Americans. Hackers exploited a software glitch to gain access to the trove of personal data, the company said. Equifax disclosed earlier this month that the data breach was discovered in July and believed to have taken place from mid-May to July. >> Related: Equifax, software maker blame each other for opening door to hackers The data believed to have been accessed included names, Social Security numbers, birth dates and addresses. In a statement, Feidler said, “The Board remains deeply concerned about and totally focused on the cybersecurity incident.” “We are working intensely to support consumers and make the necessary changes to minimize the risk that something like this happens again,” he said. “We have formed a Special Committee of the Board to focus on the issues arising from the incident and to ensure that all appropriate actions are taken.” Smith had been Equifax's CEO since 2005. In a statement, Smith called his tenure at Equifax “an honor, and I’m indebted to the 10,000 Equifax employees who have dedicated their lives to making this a better company.” Although many analysts had applauded Equifax's performance under Smith, he and the rest of his management team had come under fire for lax security and its response to the breach. Smith is expected to testify before Congress in early October. >> Related: Equifax apologizes for sending people to fake company website WSBTV obtained video of the Smith speaking to students and faculty at the University of Georgia last month, after the company’s massive data breach occurred but before the company disclosed it. The company didn’t disclose the breach until Sept. 7. The Associated Press, Atlanta Journal-Constitution and the Cox Media Group National Content Desk contributed to this report.