Elizabeth Warren is demanding more details on hacked credit-reporting firm Equifax’s handling of insider-trading claims against an information-technology executive indicted this week.
In particular, the Democratic senator from Massachusetts questioned when the Atlanta-based company learned of trades that the U.S. Attorney’s Office in Atlanta and the Securities and Exchange Commission say netted Jun Ying nearly $1 million.
The transactions, made after Equifax learned of a cyberattack that had exposed personal identification data for more than 140 million people, helped Ying avoid more than $117,000 in losses when the Atlanta-based company disclosed the incident to its investors in early September, the government said.
Trades by four other executives had drawn scrutiny in the immediate aftermath of that announcement, Warren noted, but they were publicly vindicated in a report by a special committee that the company released Nov. 3.
After reviewing more than 55,000 documents, including emails and text messages, the panel concluded that none of those staffers knew about the hack and that they had not violated insider trading laws, Equifax said.
“It is troubling that there are new charges of insider trading against a senior Equifax official four full months after the release of your company’s Special Committee report,” Warren said in a letter to Pauline do Rego Barros Jr. on Thursday. “Given this revelation, I have significant concerns about the adequacy of your company’s internal fraud detection procedures and recent investigations.”
Her missive asked Equifax whether questions had arisen about any other employees engaging in insider trading and if the company had strengthened policies designed to prevent such behavior after the SEC investigation involving Ying.
Ying, a divisional manager who was offered a promotion to global chief information officer before the company discovered his trades, learned on a Friday evening in August that Equifax had suffered a major breach, according to a Securities and Exchange Commission’s civil complaint.
When markets opened the next Monday, he searched online for what had happened to the stock of a competitor after a breach. Within hours, he had exercised all of his vested stock options and immediately sold the shares, according to the U.S. Attorney’s Office.
The credit-monitoring firm’s stock plummeted 21 percent in just two days of trading following the disclosure, which was made after the conclusion of regular New York trading on Sept. 7, and remains 13 percent below its previous price of $142.
After learning of Ying’s trades, Equifax “launched a review of his trading activity, concluded he violated our company’s trading policies, separated him from the company and reported our findings to government authorities,” Barros said in a statement on Wednesday. The company is cooperating fully with the Justice Department and the SEC, he said.
As backlash from the cyber-breach mounted last fall, then-Chief Executive Officer Richard Smith stepped down, forfeiting a bonus valued at $3 million in previous years, and the company announced the retirement of its top information and security officers, without naming them or saying why.
Contentious Congressional hearings followed, but months later, Equifax has yet to be held fully accountable, said Sen. Ben Sasse, a Nebraska Republican who serves on the banking committee along with Warren.
Let’s get this straight: Equifax put millions of Americans at risk, got a no-bid contract from the feds, and at least one employee turned a personal profit from trading on the misfortune of the victims?
Someone needs to answer for this. https://t.co/Rz3vsJF9Qa
— Senator Ben Sasse (@SenSasse) March 14, 2018
“Years from now, there are going to be families who can’t get home loans, families who have terrible credit scores, and families who are stuck fighting fraudulent charges because of Equifax,” Sasse said in a statement. “Someone has to answer for this.”
