A former senior executive at Equifax Inc. was criminally charged with selling almost $1 million worth of shares before the company’s announcement last year that it had suffered a massive data breach.
Jun Ying, Equifax’s ex-chief information officer for its U.S. information-solutions business, allegedly used confidential information entrusted to him by the company to determine it had been hacked, the Securities and Exchange Commission said in a Wednesday statement. The U.S. Attorney’s office in Atlanta filed criminal charges against Ying, according to a separate statement.
“As alleged in our complaint, Ying used confidential information to conclude that his company had suffered a massive data breach, and he dumped his stock before the news went public,” said Richard R. Best, Director of the SEC’s Atlanta regional office. “Corporate insiders who learn inside information, including information about material cyber intrusions, cannot betray shareholders for their own financial benefit.”
On Aug. 25, Ying texted a co-worker that the breach he was investigating “sounds bad. We may be the one breached,” the Department of Justice said in its statement. Three days later, he conducted web searches about the impact of Experian Plc’s 2015 data breach on its stock price, the agency found. Hours later, Ying exercised all of his available stock options, resulting in him receiving 6,815 shares of Equifax stock. He then sold the stock for more than $950,000.
The following week, Equifax disclosed the cyberattack, saying it had exposed the personal information of more than 140 million U.S. consumers. The hack has shaken confidence in the Atlanta-based company, which faces more than 240 class-action lawsuits and more than 60 regulatory or government inquiries.
Equifax stock plunged in the days after the breach was disclosed. Ying, who was next in line to become the company’s global CIO, avoided more than $117,000 of losses by selling his shares, the SEC said.
Equifax’s interim Chief Executive Officer Paulino do Rego Barros said in a statement Wednesday the company launched a review of Ying’s trading activity and after concluding he violated the company’s policies, reported its findings to government authorities.
In its complaint, the SEC said Equifax offered Ying the job of global CIO on Sept. 15. The company then rescinded the promotion after senior executives learned of his stock trading. Equifax concluded on Oct. 16 that Ying had violated the company’s insider-trading policy and that he should be terminated, prompting his resignation, the SEC said.
“We are fully cooperating with the DOJ and the SEC, and will continue to do so,” Barros said in the statement.
An attorney for Ying didn’t immediately return a call for comment.
In September, the Justice Department opened a criminal investigation into whether top officials at Equifax had violated insider trading laws before the breach was disclosed. Three Equifax Inc. senior executives — Chief Financial Officer John Gamble, and unit presidents Joseph Loughran and Rodolfo Ploder — sold shares worth almost $1.8 million in the days after the company discovered the breach. Equifax has said those three executives had not been informed of the incident when they initiated the sales.
Ying’s stock sale had not previously been reported because he was not a named executive officer.