Former Equifax employee charged with insider trading linked to data breach
A former Equifax employee has been charged with engaging in insider trading ahead of the credit agency’s disclosure of a massive data breach last year.
On Thursday, the SEC and federal authorities in Atlanta announced they were filing charges against software development manager Sudhakar Reddy Bonthu.
The US Securities and Exchange Commission said Mr Bonthu, 44, traded on confidential information he received while creating a website for consumers impacted by a data breach at Equifax.
“According to the complaint, Bonthu was told the work was being done for an unnamed potential client, but based on information he received, he concluded that Equifax itself was the victim of the breach,” the SEC said.
Mr Bonthu then purchased Equifax put options, meaning he bought shares on the basis of an agreement to sell them for a set price at a later date.
Less than a week after Mr Bonthu bought the put options, Equifax publicly announced the data breach and its stock declined nearly 14 per cent. Mr Bonthu sold the put options and netted more than $75,000 (£57,000), a return of more than 3,500 per cent on his initial investment.
Mr Bonthu, 44, was sacked by Equifax in March after refusing to cooperate with an internal investigation into whether he had violated the company’s insider trading policy.
“As we allege, Bonthu, who was entrusted with confidential information by his employer, misused that information to conclude that his company had suffered a massive data breach and then sought to illegally profit,” said Richard R. Best, director of the SEC’s Atlanta regional office.
“Corporate insiders simply cannot abuse their access to sensitive information and illegally enrich themselves.”
Equifax revealed in September 2017 that the personal data of about 148 million people had been exposed after a cyber attack in July of the same year.
According to an SEC filing earlier this year, hackers purloined the names and dates of birth of roughly 146.6 million people. They also obtained some 20.3 million phone numbers, roughly 17.6 million driver’s license numbers and about 1.8 million email addresses.
