(CN) – Equifax’s board said Friday that four executives’ stock sales that occurred in the weeks after the company suffered a historic data breach, but before that breach was made public knowledge, did not constitute insider trading.
In September, credit-reporting giant Equifax admitted that it suffered a massive data breach over the summer due to its failure to patch a known vulnerability in the Apache Struts web application.
Hackers stole the personal identifying information of up to 145.5 million U.S. consumers, including full names, birth dates, Social Security numbers, addresses and driver’s license numbers.
Up to 44 million British consumers may also have been affected, as well as 8,000 Canadian residents.
In the week following the announcement, Equifax shares fell 35 percent, and they continue to trade 25 percent below their pre-announcement price.
In the ensuing media investigation, Bloomberg discovered that several top Equifax executives – Chief Financial Officer John Gamble, U.S. Information Solutions President Joseph Loughran, Workforce Solutions President Rodolfo Ploder, and Senior Vice-President of Investor Relations Douglas Brandberg – sold $1.8 million worth of Equifax stock after the company became aware of the security breach, but before it informed the public.
On Friday, Equifax’s board of directors cleared the four men of any wrongdoing after a special committee investigation found that “none of the four executives had knowledge of the incident when their trades were made, that preclearance for the four trades was appropriately obtained, that each of the four trades at issue comported with company policy, and that none of the four executives engaged in insider trading.”
The special committee reviewed more than 55,000 emails, text messages, phone logs and other documents in the course of the investigation.
Equifax’s trading policy provides that senior officers may trade Equifax shares only in certain specified “windows,” and only if they receive preclearance from the company’s chief legal officer.
This year, the window was July 28 through August 31 – closing just one week before the company informed the public of the security breach. All four men received clearance from the legal department to sell the shares.
“I’m grateful for the timely and thorough review by the special committee of this important matter,” Non-Executive Chairman Mark L. Feidler said in a statement. “The board takes very seriously any allegation of insider trading. It is critically important for the public, our shareholders, our customers and our employees to know that we will not tolerate any violation of company policy or the law regarding the trading of securities. The conclusion that the company executives in question traded appropriately is an extremely important finding and very reassuring.”
Equifax still faces several state and federal inquiries into the data breach, and multiple class-action lawsuits seeking billions of dollars in damages.