A former Equifax Inc. executive has been jailed for insider trading following an admission that he sold shares in the company after learning it was hacked but before the information was released publicly.

Charges against former Equifax Senior Vice President Jun Ying (pictured) came from an investigation launched by the U.S. Department of Justice in September 2017. Ying was formally charged by the U.S. Securities and Exchange Commission for insider trading in March 2018.

The SEC accused Ying of violating the anti-fraud provisions of the federal securities laws in exercising all of his vested Equifax stock options and then selling the shares prior to public disclosure of the hacking.

The evidence that Ying knew what he was doing included discussing the data breach privately with colleagues and conducting web searches on the stock price impact of a data breach of Experian plc, a competitor to Equifax, before going on to exercise his stock options and then selling the stock. Faced with this evidence, Ying pleaded guilty to the charges in March.

“Ying thought of his own financial gain before the millions of people exposed in this data breach even knew they were victims,” U.S. Attorney Byung J. Pak said in a statement last Thursday. “He abused the trust placed in him and the senior position he held to profit from inside information.”

Ying got off fairly lightly, with only four months behind bars, a year of supervised release, a restitution payment of $117,000 and a fine of $55,000. Prosecutors had been asking for a year and three months in prison and a $75,000 fine in addition to the restitution, according to MarketWatch.

Ying is the second person to have been found guilty of insider trading in relation to the Equifax data breach. Sudhakar Reddy Bonthu, a former Equifax software development manager, pleaded guilty to a similar charge in 2018. Bonthu did not serve jail time but instead was ordered to serve eight months home confinement as well as pay at $50,000 fine.

The news is another footnote on the sordid tale of the 146.6 million records stolen from Equifax in September 2017. Although there have been bigger hacks both before and after, Equifax stands out for the level of personally identifiable information involved. Since it’s a credit reporting agency, the data included a hacker’s treasure trove of Social Security numbers, addresses, phone numbers and driver’s licenses that could all be easily used for nefarious purposes, including financial crimes.

Photo: HMG Strategy/Jun Ying