After the revelation that a cybersecurity incident impacted roughly 143 million consumers in the United States, Equifax Inc. is facing fallout from the company's response to the breach, planned probes from Congress, investigations from state attorneys general including New York's AG – and potential class action litigation.

At the helm of the consumer credit reporting company's legal department, and surely a major player in handling the company's legal and reputational risks, is John Kelley III, whose responsibilities include security and compliance, according to Equifax's website.

Kelley, who could not immediately be reached for comment, has been Equifax's corporate vice president and chief legal officer since 2013, presumably having a hand in guiding the company through a number of previous security issues. Along with security and compliance, he is also responsible for everything from corporate governance and privacy functions to government and legislative relations. In a March 24 U.S. Securities and Exchange Commission filing, Equifax noted that Kelley's total compensation last year was nearly $2.8 million, adding that he had received a “distinguished” rating on several individual performance objectives. Listed among these goals: “Continuing to refine and build out the company's global security organization.”