July 5, 2019

Chief information officer at credit reporting agency sentenced to prison for trading on security breach information

On March 7, 2019, Jun Ying, former Chief Information Officer in the US Information Solutions division of credit reporting agency Equifax, Inc., pleaded guilty to one count of securities fraud  for trading on material nonpublic information, in violation of Equifax’ ethics and compliance policy and 18 USC § 1348.  The facts, as alleged in the indictment, reveal that Ying traded in Equifax securities after he learned of the 2017 security breach in which hackers obtained the names, social security numbers, birth dates, addresses and some driver’s license numbers of approximately 145 million people.  Despite Ying’s duty to his employer, his obligation under the Equifax Insider Trading Policy not to trade on material nonpublic information, and a special trading blackout issued by Equifax for employees who were aware of the breach, Ying exercised stock options for Equifax securities, and then sold them, realizing a gain of over $480,000 before the public announcement of the security breach.  Ying was sentenced on June 27, 2019, to four months imprisonment, one year of supervised release, a fine of $55,000, and forfeiture of $117,117.61.

In a parallel civil case brought by the Securities and Exchange Commission, Ying consented to the entry of a final judgment permanently enjoining him from violation of 15 USC §§ 77q(a), 78j(b) and Rule 10b-5 thereunder, prohibiting him from acting as an officer or director for ten years, and ordering him to pay disgorgement in the amount of $117,117.61, to be offset by the forfeiture amount ordered in the criminal case.

Indictment | Judgment | Consent order and judgment of forfeiture

Consent order (SEC)