Brendan McDermid | Reuters
Trading information and the company logo are displayed on a screen where the stock is traded on the floor of the New York Stock Exchange (NYSE) in New York, U.S., September 8, 2017.
The executive responsible for security at Equifax, which on Thursday disclosed a security breach affecting up to 143 million U.S. consumers, earned almost $2.8 million in compensation last year.
John J. Kelley III has served as Equifax’s corporate vice president and chief legal officer since early 2013. According to the company’s annual proxy statement, Kelley was paid a salary of $546,312 in 2016 along with $957,302 in stock awards. The rest of his pay came primarily from a non-equity incentive plan and pension-related benefits.
Kelley, who previously served as a senior partner at law firm King & Spalding, earned a total of $11.1 million in compensation in his first four years at Equifax, filings show.
Equifax, which is one of the three main credit reporting agencies in the U.S., said it discovered the breach on July 29. About 209,000 U.S. credit card numbers were obtained by hackers, who “exploited a U.S. website application vulnerability to gain access to certain files,” the company said.
Less than a day after the breach was announced, some victims filed a class-action suit, and New York’s attorney general said he would launch an investigation.
According to Equifax’s website, Kelley is responsible for “legal services, global sourcing, security and compliance, government and legislative relations, corporate governance and privacy functions.”
Kelley received a “distinguished” grade on his eight individual objectives for 2016, which led to a bump in his non-equity incentive pay, the proxy said. One of those eight objectives was “continuing to refine and build out the company’s global security organization.”
Kelley isn’t Equifax’s highest paid executive. Richard Smith, the company’s CEO, earned $15 million in total pay in 2016, while Chief Financial Officer John Gamble earned $3.1 million.
Equifax did not immediately respond to a request for comment.