The sale of nearly $2 million in corporate stock by high-level Equifax executives shortly after the company learned of a major data breach has sparked public outrage that could turn into another hurdle for the credit rating agency.
The sales all occurred before the company publicly reported the breach, a disclosure that quickly sent its stock tumbling. The timing of the sales could attract federal scrutiny, legal experts say, though proving insider trading would be difficult. A company spokeswoman said the executives did not know about the breach when they sold their shares.
“It certainly would be exactly the type of trading pattern before a high-profile event that the [Securities and Exchange Commission] would investigate,” said Brandon L. Garrett, a professor at the University of Virginia School of Law. “Even if they do not bring charges it is the type of conduct that a company should not tolerate in its executives. It sends a terrible message to the public and to customers.”
The SEC declined to comment on whether it was investigating the matter.
Equifax, a major consumer credit reporting agency, disclosed Thursday that hackers had obtained sensitive information, including Social Security numbers and dates of birth, for 143 million people. The breach began in May and was discovered by the company on July 29. Shortly afterward, three company executives — Chief Financial Officer John W. Gamble; Joseph M. Loughran III, the president of U.S. information solutions; and Rodolfo O. Ploder, the president of workforce solutions — sold large amounts of their shares of Equifax stock.
Gamble sold nearly $1 million worth of stock on Aug. 1; Loughran disposed of about $700,000. The next day, Ploder sold stock worth $250,000, according to Securities and Exchange Commission filings. The sales were not part of a pre-scheduled transaction, according to the filings.
News of the sales drew wide criticism, including from Rep. Ted Lieu (D-Calif.), who tweeted that “if true, the timing of these large sales of stock by Equifax manager is quite troubling.”
A company spokeswoman, Ines Gutzmer, said in an email Thursday night: “The three executives who sold a small percentage of their Equifax shares on Tuesday, August 1, and Wednesday, August 2, had no knowledge that an intrusion had occurred at the time they sold their shares.”
Gutzmer did not immediately respond to questions Friday about when the executives learned of the breach and whether the company would be conducting an internal review of their actions.
Equifax’s stock has tumbled nearly 14 percent in early Friday trading.
Despite the stock sales, the executives still own thousands of shares of Equifax stock worth millions of dollars.
“If you look at it on its face, people will jump to the conclusion that they knew, and that they were trying to cash out,” said Stuart Slotnick, a corporate defense attorney at Buchanan, Ingersoll & Rooney. But no one should jump to conclusions, he said. “There is nothing wrong with [them] cashing out if it’s not connected to the news.”
“It would be incredible if these sophisticated insiders would sell their shares based upon news. They are sophisticated executives and they know full well that their selling the shares triggers public disclosures. It just doesn’t make sense that the CFO would sell a small lot of shares before a news event,” Slotnick said.
To prove insider trading, federal prosecutors would have to show the executives knew about the nonpublic information when they decided to sell their stock, often a tough task, experts said.
The company’s board of directors should conduct an independent review of the executives’ actions, including surveying their email traffic and interviewing the executives as well as their colleagues, said Bart Friedman, a senior counsel at Cahill Gordon & Reindel LLP, who advises boards on matters including corporate compliance and enforcement challenges.
“I would be aggressive in finding out the facts, and I wouldn’t necessarily depend on what they tell me,” Friedman said. It would be unusual for such high-level executives to not quickly learn of such significant news, he said. “If anybody in the company knew, it would be shocking if they didn’t learn about it.”
Read more about the Equifax data breach: