A former Equifax executive who allegedly sold stock in the company before it announced last year’s massive data breach has been charged by the Securities and Exchange Commission (SEC) with insider trading. Jun Ying, 42, of Atlanta, the former chief technological officer at Equifax, has been charged with selling his stock ten days before the company made news of the breach public. He is also facing criminal charges from the Department of Justice.
The data breach, discovered by Equifax on July 29, 2017, was not made public until September 2017. An estimated 148 million U.S. customers had their Social Security numbers and other personal information exposed as a result of the breach.
According to the SEC complaint, “Jun Ying, who was next in line to be the company’s global CIO, allegedly used confidential information entrusted to him by the company to conclude that Equifax had suffered a serious breach.” The SEC alleges that before Equifax’s public disclosure of the data breach, “Ying exercised all of his vested Equifax stock options and then sold the shares, reaping proceeds of nearly $1 million.” By selling before public disclosure of the data breach, the complaint alleges, “Ying avoided more than $117,000 in losses.” Ying’s insider trading occurred 10 days before the breach was announced, according to investigators.
“As alleged in our complaint, Ying used confidential information to conclude that his company had suffered a massive data breach, and he dumped his stock before the news went public,” said Richard R. Best, Director of the SEC’s Atlanta Regional Office. “Corporate insiders who learn inside information, including information about material cyber intrusions, cannot betray shareholders for their own financial benefit.”
Ying is being charged with “violating the antifraud provisions of the federal securities laws and seeks disgorgement of ill-gotten gains plus interest, penalties, and injunctive relief.”
In addition to the SEC complaint, Ying is facing criminal charges from the U.S. Attorney’s Office for the Northern District in Georgia. The complaint reveals details of Ying’s insider trading:
On Friday, August 25, 2017, Ying texted a co-worker that the breach they were working on “Sounds bad. We may be the one breached.” The following Monday, Ying conducted web searches on the impact of Experian’s 2015 data breach on its stock price. Later that morning, Ying exercised all of his available stock options held at UBS Financial Services, resulting in him receiving 6,815 shares of Equifax stock, which he then sold. He received proceeds of over $950,000, and realized a gain of over $480,000. On September 7, 2017, Equifax publicly announced its data breach, which resulted in its stock price falling.
“This defendant took advantage of his position as Equifax’s USIS Chief Information Officer and allegedly sold over $950,000 worth of stock to profit before the company announced a data breach that impacted over 145 million Americans,” said U.S. Attorney Byung J. “BJay” Pak. “Our office takes the abuse of trust inherent in insider trading very seriously and will prosecute those who seek to profit in this manner.”
“The alleged actions of this defendant undermine the public’s confidence in the nation’s stock markets,” said David J. LeValley, Special Agent in Charge of FBI Atlanta. “By prosecuting cases like this, the FBI and the U.S. Securities and Exchange Commission are sending a strong message to company insiders that they must follow the same rules that govern regular investors. Otherwise, they face the severe consequences for failing to do so.”
Ying, who was indicted by a federal grand jury on March 13, 2018, will be arraigned later this week before U.S. Magistrate Judge Linda T. Walker. If found guilty on the criminal charges, he could face up to 20 years in prison and a maximum fine of $5,000,000. In addition, he could face additional civil penalties of up to three times the profit gained as a result of the violation.