“Sounds bad”, the former Equifax CIO wrote in a text after learning of the breach that ended up affecting almost half the US population

Share

“Sounds bad”, the former Equifax CIO wrote in a text after learning of the breach that ended up affecting almost half the US population

The Equifax debacle is in the news again, as a former executive of one of the firm’s business units was sentenced to four months in prison last week for capitalizing on early knowledge of the massive security incident two years ago, according to a press release by the US Department of Justice (DOJ).

Jun Ying, the former Chief Information Officer (CIO) of Equifax’s US Information Solutions division, pled guilty back in March to selling his shares in the credit bureau. He admitted to dumping his stock after becoming aware of the breach but before it was disclosed a week and a half later.

This ultimately earned him the prison sentence, which was imposed last Thursday, as well as a fine of US$55,000. He was also ordered to pay restitution worth some US$117,000 and the prison time will be followed by a year of supervised release.

According to MarketWatch citing a court filing, prosecutors were seeking a longer jail time – a year and three months, as well as a $75,000 fine and the restitution worth US$117,000.

As retold in detail by the DOJ, Ying knew full well what he was doing when becoming aware of the hack, and acted with alacrity:

The breach at Experian, a competitor to Equifax, affected up to 15 million people.

Meanwhile, the breach at Equifax was eventually found to affect up to 148 million people. One in every two Americans, as well as hundreds of thousands of Canadians and Brits, had a range of sensitive information, including names, social security numbers, birth dates and addresses, siphoned by hackers. As we recalled a few weeks ago, the incident was facilitated by a critical vulnerability in the Apache Struts web application framework for which a patch was issued on March 6, 2017 but which Equifax failed to install in time.

Ying is the second former Equifax executive to face the music over insider trading relating to the data breach. Last October, former Equifax software product development manager Sudhakar Reddy Bonthu was sentenced to eight months of home confinement, fined $50,000, and made to give back his ill-gotten gains.

1 Jul 2019 – 06:00PM

Save & Share Cart
Your Shopping Cart will be saved and you'll be given a link. You, or anyone with the link, can use it to retrieve your Cart at any time.
Back Save & Share Cart
Your Shopping Cart will be saved with Product pictures and information, and Cart Totals. Then send it to yourself, or a friend, with a link to retrieve it at any time.
Your cart email sent successfully :)