Senior Equifax executives sold their shares in the credit agency just before its stock price plunged when the world was told it had been thoroughly hacked.
The US biz has since probed the transactions, and you'll all be extremely pleased to learn of that investigation's conclusion: there was no wrongdoing, nothing untoward, and it was all completely above board.
Sometime mid-May, miscreants exploited a vulnerability in one of Equifax's websites – specifically, a bug in an installation of Apache Struts 2 for which a patch was available but was not deployed by Equifax IT staff – to infiltrate its internal systems. As a result, sensitive personal information on roughly 150 million people in the US, UK, Canada, and beyond was slurped from the agency's databases.
The cyber-break-in was detected on July 29. Funnily enough, a couple of days later, four top managers – chief financial officer John Gamble; president of US information solutions Joseph Loughran; president of workforce solutions Rodolfo Ploder; and senior veep of investor relations Douglas Brandberg – flogged their company stock to the tune of about $1.8m.
On September 7, about a month later, Equifax publicly confessed it had been hacked. Its share price promptly did this:
The stock offloading did not go unnoticed. The biz drafted in a panel of three directors from other firms to review the share sales, and this week ruled there was no evidence of insider dealing. Trebles all round.
"The special committee has determined that none of the four executives had knowledge of the incident when their trades were made, that pre-clearance for the four trades was appropriately obtained, that each of the four trades at issue comported with Company policy, and that none of the four executives engaged in insider trading," the investigating trio revealed today.
Stand up who HASN'T been hit in the Equifax mega-hack – whoa, whoa, sit down everyoneREAD MORE
Of the aforementioned execs who sold their shares, three got the green light from Equifax's legal department to do so, despite the discovery of the hack. Finance boss Gamble sold 6,500 shares, worth about $950,000, on August 1, and nine days later was informed of the security blunder at an offsite management meeting, the committee reported.
Ploder sold 1,719 shares worth $250,000 on August 2, but wasn't told of the attack until August 22. Brandberg also sold 1,724 shares on August 2 but didn’t get news of the breach until August 14.
The odd one out is Joseph Loughran, III, who as president of US information solutions would – you'd think – be one of the first to know about the network infiltration. He asked for clearance to sell 4,000 shares worth about $585,000 on July 28, a day before the hack was uncovered, and executed the trade on August 1, but it took until August 13 for him to be warned of the thefts.
On August 15, Equifax's legal department stepped in and ordered all staff with knowledge of the database theft to stop trading in company stock, then priced at about $142 per share. After the news of the hack broke, the price fell to $93 before recovering a little to $109 by today.
The special committee was headed by Elane Stock, the former president of toilet paper conglomerate Kimberly-Clark, and aided by Robert Daleo, a former CFO at Thomson Reuters, and Thomas Hough, treasurer of Metro Atlanta Chamber Of Commerce, Equifax's home town in Georgia, USA. ®