The U.S. Securities and Exchange Commission (SEC) announced Thursday that former Equifax software engineering manager Sudhakar Reddy Bonthu has been charged with insider trading after discovering last year’s massive data breach that exposed the personal information of more than 148 million people. In March, the SEC charged a former Equifax executive, Jun Ying, with fraud charges after dumping his stocks and reaping proceeds of nearly $1 million prior to public disclosure of the data breach.
While creating a website for consumers impacted by a data breach last year, Bonthu realized that Equifax had been the victim of the breach and allegedly violated company policy when he traded on the non-public information by purchasing Equifax put options. Less than a week later, after Equifax publicly announced the data breach in September 2017 and its stock declined nearly 14 percent, Bonthu sold the put options and netted more than $75,000, a return of more than 3,500 percent on his initial investment.
After refusing to cooperate with an internal investigation into insider trading, Bonthu was terminated from Equifax in March.
“As we allege, Bonthu, who was entrusted with confidential information by his employer, misused that information to conclude that his company had suffered a massive data breach and then sought to illegally profit,” said Richard Best, Director of the SEC’s Atlanta Regional Office. “Corporate insiders simply cannot abuse their access to sensitive information and illegally enrich themselves.”
In a parallel proceeding, the U.S. Attorney’s Office for the Northern District of Georgia filed criminal charges against Bonthu. During a recent statement, Atlanta U.S. Attorney Byung Pak said, “Bonthu allegedly took advantage of his position to profit while members of the public were unaware of the data breach at Equifax.”
To settle the SEC’s civil charges, Bonthu has agreed to a permanent injunction and to return his allegedly ill-gotten gains plus interest. The settlement is subject to court approval.
In March, the SEC charged a former CIO of a U.S. business unit of Equifax, Jun Ying, with violating the antifraud provisions of the federal securities laws and seeks disgorgement of ill-gotten gains plus interest, penalties, and injunctive relief. According to the SEC’s complaint, Ying exercised all of his vested Equifax stock options and then sold the shares, netting proceeds of nearly $1 million before public disclosure of the data breach.
“We are fully cooperating with the SEC and the Department of Justice, and will continue to do so,” Equifax spokeswoman Ines Gutzmer told The New York Post. “We take corporate governance and compliance very seriously, and will not tolerate violations of our policies.”
In November 2017, an internal Equifax investigation reported that CFO John Gamble, president of U.S. information relations Joseph Loughran, investor relations director Douglas Brandberg, and workforce solutions president Rodolfo Ploder were clear of any evidence of insider trading. But according to reports, those Equifax executives are still under investigation by the U.S. Department of Justice.