An internet engineer at Equifax who coded parts of a breach portal for the credit agency has been sentenced to 8 months of house arrest for insider trading. He was convicted of using insider information about the Equifax breach to make more than $75,000.
The U.S. Securities and Exchange Commission (SEC) said Sudhakar Reddy Bonthu, 44, of Cumming, Georgia, figured out on his own that the website he was building was for a massive security breach at Equifax, the very company he worked for.
That site was 'equifaxsecurity2017.com,' where Equifax sent everyone to see if they were affected by that huge 2017 security breach, in which personal data for more than 145 million users was hacked.
In addition to the eight months of home confinement, Mr. Bonthu is also responsible for restitution of funds, somewhere in the neighborhood of that $75,000 figure.
In August 2017, Equifax managers told Bonthu he had been recruited to work on an internal project named Project Sparta. Managers didn't provide Bonthu with details about the project, but they said the company was handling a security breach for a high priority client that was going public with news of a breach the next month, in September 2017.
Bonthu was ordered to create the online interface through which that company's customers would be able to query a database and see if they were affected.
The SEC said in an indictment that Bonthu realized on his own –based on test data and discussions on internal mailing lists– that the secretive Project Sparta client was, in reality, his employer.
The SEC said that Bonthu abused this information and used his wife's brokerage account to buy 86 "put options" in Equifax stock worth $2,166.11. Bonthu's stock options would come through if Equifax's stock had gone below $130 per share by September 15.
As expected, Equifax stock plummeted after the company disclosed its breach on September 7, 2017, and stock price reached $123.23 on September 15, netting Bonthu $77,333.79 (profit of $75,167.68), a 3,500 percent increase on his investment.
Bonthu's transactions came to light after Equifax started internal investigations into several reported cases of employee insider trading.
The company fired Bonthu in March 2018 after he refused to cooperate with their investigation. He previously worked at Equifax since September 2003.
ZDNet has links to all the court documents.
Equifax is not your friend.