Connect with us

Hi, what are you looking for?


Fraud & Identity Theft

Ex-Equifax Manager Gets Home Confinement for Insider Trading

A former Equifax manager was sentenced Tuesday to serve eight months home confinement for engaging in insider trading in the wake of the company’s massive data breach last year.

A former Equifax manager was sentenced Tuesday to serve eight months home confinement for engaging in insider trading in the wake of the company’s massive data breach last year.

Sudhakar Reddy Bonthu, who worked as a software product development manager for the Atlanta-based credit-reporting agency, had pleaded guilty in July. U.S. District Judge Amy Totenberg also ordered Bonthu to pay a $50,000 fine, to serve 50 hours of community service and to forfeit the proceeds he gained from insider trading.

Born in Andhra Pradesh, India, Bonthu, 44, has lived in the United States since 2000. But he is not a U.S. citizen and faces possible deportation as a result of his felony conviction.

Hackers who haven’t been identified accessed Equifax databases without authorization from mid-May through July in 2017 and obtained customers’ personal information. Federal authorities say Equifax discovered the suspicious activity on its network on July 29, 2017.

The company ultimately revealed that the information of nearly 150 million Americans was exposed.

Bonthu and other Equifax employees were asked on Aug. 25, 2017, to help respond to the breach, but were told the work involved a potential Equifax customer, not Equifax itself, prosecutors have said.

Bonthu knew the target date for announcing the breach was Sept. 6. Bonthu used his wife’s brokerage account on Sept. 1 to buy 86 put options in Equifax stock that expired Sept. 15 for about $1,300, prosecutors said. Put options allow the holder to make a profit if the stock price drops.

Advertisement. Scroll to continue reading.

After the share value plunged when the breach was publicly disclosed on Sept. 7, 2017, Bonthu exercised his put options and made a profit of about $75,000.

Bonthu also faced civil charges from the Securities and Exchange Commission and settled that case in July.

Another former Equifax employee also faces insider trading charges related to the breach. Jun Ying, former chief information officer of Equifax’s U.S. Information Solutions, was indicted in March. He has pleaded guilty and his case is pending. He also faces civil charges of insider trading from the SEC.

Equifax Chief Financial Officer John Gamble and three other executives sold shares worth a combined $1.8 million days after Equifax discovered suspicious activity on its network, but Equifax said an independent committee determined that these executives did not know of the breach when their trades were made.

Bonthu’s wife, addressing the judge during the sentencing hearing, questioned why her husband was being punished when top executives were not.

“He’s just a small fish in this whole game,” Rekha Vummadi said.

Bonthu also addressed the judge, saying he accepted responsibility for his actions and that he was sorry to Equifax stakeholders and to his family.

Totenberg said she had reviewed Bonthu’s history and read letters submitted by his family and former colleagues. Bonthu is clearly very intelligent and has contributed to his community and worked hard to build a good life for his family in this country, she said.

“I don’t know what got into you on this one occasion,” she said and speculated that Bonthu had suffered from the “infection of capitalism.”

Totenberg noted that perhaps the most serious consequence Bonthu faces — possible deportation — is something over which she has no control. With an eye toward potential immigration proceedings, she said for the record that she doesn’t see any evidence of moral turpitude, which can be grounds for deportation.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.