Jun Ying, a former Equifax executive, has been hit with criminal charges as well as SEC (Securities and Exchange Commission) charges for insider trading relating to his sales of Equifax stocks in advance of the company’s announcement regarding the May 2017 data breach.
Ying was the chief information officer of Equifax U.S. Information Solutions and was next in line to be the company’s global CIO. He allegedly used confidential information entrusted to him by the company to conclude that Equifax had suffered a serious breach.
“On Friday, August 25, 2017, Ying texted a co-worker that the breach they were working on ‘Sounds bad. We may be the one breached.’ The following Monday, Ying conducted web searches on the impact of Experian’s 2015 data breach on its stock price,” a Justice Department statement explains.
“Later that morning, Ying exercised all of his available stock options held at UBS Financial Services, resulting in him receiving 6,815 shares of Equifax stock, which he then sold. He received proceeds of over $950,000, and realized a gain of over $480,000. On September 7, 2017, Equifax publicly announced its data breach, which resulted in its stock price falling.”
All in all, he avoided over $117,000 in losses.
According to the SEC complaint, Ying was officially told of the breach on August 30, 2017, two days after he sold the shares.
“On September 15, 2017, following the resignation of the then-current global CIO, Ying was offered the position of global CIO of Equifax. The offer was subsequently withdrawn, however, after Equifax senior executives learned of Ying’s trading,” the complaint notes.
“On October 16, 2017, following an internal Equifax investigation into Ying’s trading, the company concluded that he had violated the company’s insider trading policy and that his employment should be terminated. At that time, Ying agreed to resign.”
Equifax’s interim CEO confirmed that they reported the finding of their investigation to government authorities, and that they cooperated and will continue to cooperate with the Justice Department and the SEC.
The SEC is asking the court to find Ying guilty of violating the antifraud provisions of the federal securities laws and order him to give up an amount equal to the losses avoided as a result of his actions (plus interest) and pay a civil monetary penalty. They also want the court to prohibit Ying from serving as an officer or director of a public company.
“Corporate insiders who learn inside information, including information about material cyber intrusions, cannot betray shareholders for their own financial benefit,” said Richard R. Best, Director of the SEC’s Atlanta Regional Office.
The press release by the DOJ prosecutors does not say if Ying is likely to get a prison sentence if found guilty of the charges.
Four other Equifax senior executives sold shares before the public revelation of the breach, but were cleared of any wrongdoing by a special committee of three directors from other firms.