A former Equifax executive who sold stock a week and a half before the company announced a massive data breach was sentenced Thursday to serve four months in federal prison for insider trading.
Jun Ying, former chief information officer of Equifax’s U.S. Information Solutions, pleaded guilty in March. His prison time is to be followed by a year of supervised release, and he was also ordered to pay about $117,000 in restitution and a $55,000 fine, the U.S. attorney’s office in Atlanta said in a news release.
The Securities and Exchange Commission also levied insider trading charges against Ying, who has agreed to settle that case, prosecutors said in a court filing last week.
In a court filing last week, prosecutors had asked for a sentence of a year and three months in prison and a $75,000 fine in addition to the restitution.
Equifax disclosed the breach Sept. 7, 2017. The Atlanta-based credit reporting company ultimately revealed that the personal information of more than 145 million people had been exposed.
The SEC has said that at the time of the breach, Ying was often entrusted with nonpublic company information. He was a leading candidate to become the global chief information officer of Equifax, a job he was offered on Sept. 15, 2017, the same day the company announced then-CIO Dave Webb would retire.
At the time of Ying’s indictment, the company said it had “separated him from the company” upon learning of his sale of Equifax shares and concluding he had violated its trading policies. The SEC complaint says Ying worked at Equifax until October 2017.
Unidentified hackers accessed Equifax databases without authorization from mid-May through July in 2017 and obtained customers’ personal information. Federal authorities say Equifax discovered the suspicious activity on its network on July 29, 2017.
On Aug. 25, Ying, along with several employees who reported to him, were asked to help respond, although they were told then that the work involved a potential Equifax customer, not Equifax itself, the indictment says.
“Sounds bad. We may be the one breached,” and “I’m starting to put 2 and 2 together,” Ying told a co-worker in text messages, according to the indictment.
Three days later, on Aug. 28, 2017, Ying did searches using his Equifax computer on what happened to the Experian stock price after that credit reporting company experienced a breach in 2015. Later that morning, he exercised all his available stock options and received 6,815 shares of Equifax stock, which he sold for more than $950,000. That represented a gain of more than $480,000 and saved him a loss of about $117,000, prosecutors said.
Ying is the second Equifax employee convicted of insider trading related to the data breach.
A former Equifax software product development manager who exercised his “put” options and made a profit of about $75,000 before the breach was disclosed was sentenced in October to serve eight months home confinement after pleading guilty in Atlanta to insider trading. He was also ordered to pay a $50,000 fine, serve 50 hours of community service and forfeit proceeds gained from insider trading.
Put options allow the holder to make a profit if the stock price drops.