Regulatory fallout continues to haunt the consumer credit reporting agency as Sudhakar Reddy Bonthu, a software engineer, became the second Equifax employee to be charged with insider trading.
According to the Securities and Exchange Commission (SEC) complaint (see here for document), Bonthu - based on information he received over a one week span - concluded that Equifax had suffered a massive security breakdown. Bonthu proceeded to buy options in Equifax’s stock, using his wife’s brokerage account, prior to the data breach announcement. When Equifax disclosed the breach on September 7th, 2017 and saw its stock price plummet the next day, the software engineer was left with a cool $75,000 profit, according to SEC documents. Upon entering his guilty plea, Bonthu reached a settlement with the SEC, and is scheduled to be sentenced on October 18th, 2018.
Bonthu joined Equifax’s former US Chief Information Officer (CIO), Jun Ying, as the other employee charged with insider trading. When Ying realized that Equifax had suffered a material data breach, Ying sold all his vested Equifax stock to avoid incurring losses when the breach was subsequently disclosed. In March 2018, Ying was charged by the SEC for insider trading (see here for document).
In this case, we have two examples where the first thought of insiders - tasked with IT security – was to use insider knowledge of a cyber breach to profit. Another lesson that rogue employees can be the weakest link in an organization’s security posture.
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
84 Chain Lake Drive, Suite 501
Halifax, NS
Canada, B3S 1A2
+1-902-429-8880
Manila
Ground Floor, Three E-com Center
Mall of Asia Complex
Pasay City, Metro Manila
Philippines 1300
Sydney
Level 36 Governor Phillip Tower
1 Farrer Place Sydney 2000
Australia
+61 (2) 8823 3370
Abu Dhabi
Floor No.15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy