According to the SEC’s complaint, Jun Ying, who was next in line to be the company’s global CIO, allegedly used confidential information entrusted to him by the company to conclude that Equifax had suffered a serious breach.  The SEC alleges that before Equifax’s public disclosure of the data breach, Ying exercised all of his vested Equifax stock options and then sold the shares, reaping proceeds of nearly $1 million.  According to the complaint, by selling before public disclosure of the data breach, Ying avoided more than $117,000 in losses.

“As alleged in our complaint, Ying used confidential information to conclude that his company had suffered a massive data breach, and he dumped his stock before the news went public,” said Richard R. Best, Director of the SEC’s Atlanta Regional Office.  “Corporate insiders who learn inside information, including information about material cyber intrusions, cannot betray shareholders for their own financial benefit.”

The U.S. Attorney’s Office for the Northern District of Georgia today announced parallel criminal charges against Ying.

The SEC’s complaint charges Ying with violating the antifraud provisions of the federal securities laws and seeks disgorgement of ill-gotten gains plus interest, penalties, and injunctive relief.

The SEC’s investigation, which is continuing, has been conducted by Elizabeth Skola and Justin Jeffries.  The litigation is being led by Shawn Murnahan and Graham Loomis.  The SEC appreciates the assistance of the U.S. Attorney’s Office for the Northern District of Georgia and the Federal Bureau of Investigation.