Equifax Inc. announced Friday afternoon that two top technology executives had left the company and been replaced immediately, as the company continues to deal with the fallout from a massive data breach.

Chief Information Officer David Webb and Chief Security Officer Susan Mauldin retired immediately, Equifax EFX, -2.03% said in a news release that did not mention either of those executives by name. Mark Rohrwasser, who had been leading Equifax’s international information-technology operations since 2016, will replace Webb and Russ Ayres, a member of Equifax’s IT operation, will replace Mauldin.

Mauldin had become a focus in the wake of the data breach, which Equifax said last week affected up to two-thirds of U.S. adults, after internet sleuths noted that interviews with her had been taken down and that her education was in music composition. Her replacement, Ayres, has a bachelor’s degree in computer science from Jacksonville State University.

Don’t miss: Equifax hired a music major as chief security officer

Equifax has faced a wave of criticism for the breach, disclosed on the afternoon of Sept. 7, and the company’s response. Customers have had issues finding out if their data was accessed, free credit-monitoring Equifax offered through its own subsidiary included a clause that precluded users from suing the company, and people who wanted to freeze their credit have encountered fees charged by Equifax for that service and delays based on volume of people attempting to accomplish the same task. The breach and response has led to calls for new legislation from lawmakers as well as requests for executives to testify in front of Congress.

Read also: Equifax executives sold stock after data breach, before informing public

Equifax attempted to answer some of the criticisms in the announcement released late Friday afternoon. It noted that the waiver of potential lawsuit liability was never meant for customers who were provided the service for free in response to the breach, and will not apply to them, and said any customers who request a security freeze through Nov. 21 will not be charged for the service.

Why Victims of the Equifax Breech Should Freeze Their Credit

The company also detailed the impetus of the attack and admitted that the security hole that attackers used was known in March, about two months before the company believes the breach began. It also confirmed that it had hired FireEye Inc.’s FEYE, -1.17% Mandiant to help determine what happened.

Opinion: How investors can punish Equifax for failing the public

“While Equifax fully understands the intense focus on patching efforts, the company’s review of the facts is still ongoing,” the release read. “The company will release additional information when available.”

Equifax stock has taken a beating since the breach was disclosed, falling almost 35% and costing billions in market capitalization. Shares fell 3.8% Friday to close at $92.98, and dipped another 0.2% in late trading after the announcement.