Jun Ying, who was the chief information officer, is facing insider trading charges for selling shares before the consumer credit reporting agency announced the cybersecurity failure last summer, which affected 147.9 million Americans.
The SEC noted that at the time of the breach, Ying was often entrusted with nonpublic company information and was a leading candidate to become the global CIO of Equifax, a job he was in fact offered on September 15, the same day the company announced CIO Dave Webb would retire. By selling the shares before the breach was publicly disclosed, the executive avoided more than $117,000 in losses that would have resulted had he not sold until after the news of the breach became public, prosecutors alleged. "Corporate insiders who learn inside information, including information about material cyber intrusions, can not betray shareholders for their own financial benefit". The search terms used by Ying were: (1) "Experian breach"; (2) "Experian stock price 9/15/2015"; and (3) "Experian breach 2015".
You may remember that Equifax's hacker was said to have exploited an Apache Struts vulnerability (CVE-2017-5638) in the company's online dispute web portal to access personal information without authorisation. It was one of the largest data breaches in United States history.
They say Ying exercised all his available stock options and sold his Equifax stock after he received information in late August that caused him to realize Equifax was the victim of a breach.
Shane McMahon injured in attack by Kevin Owens and Sami Zayn
Don't be surprised if Shane reveals he is taking a break as commissioner so that he can allow his "true feelings" about Owens, Zayn, et al., to show.
On Aug. 28, Ying allegedly used his confidential information to sell his shares before the news broke.
"BJay" Pak. "Our office takes the abuse of trust inherent in insider trading very seriously and will prosecute those who seek to profit in this manner".
News of the breach was made public September 7, but authorities say Equifax discovered suspicious activity on its network on July 29. The company also said driver's license numbers might also have been exposed. "We are fully cooperating with the DOJ and the SEC, and will continue to do so".