Right before Equifax revealed that it had failed to secure the information of some 143 million Americans, some company executives sold off nearly $2 million in Equifax stock — a move that is currently under investigation. According to a new report, the Equifax executive who approved those stock sales is also the exec in charge of the company’s cybersecurity.
The Wall Street Journal, citing people familiar with the matter, reports that investigations by Equifax’s board and the Securities & Exchange Commission currently focus on Equifax’s top lawyer, John Kelley.
Kelley is in charge of approving share sales by executives and overseeing cybersecurity at the company. These roles further intensify questions related to what Kelley knew when he approved the share sales, reportedly just days after the breach was uncovered in July.
A Security Role
Kelley, who is also in charge of government and legislative relations, was put in charge of cybersecurity at the company in an effort to provide an unbiased look at where money would go, sources tell The WSJ.
Under the arrangement, former chief security officer Susan Mauldin, who “retired” just a week after the breach was announced, reported to Kelley.
Under the arrangement, Mauldin was responsible for informing Kelley of potential issues related to the company’s security, sources tell The WSJ. Kelley would then pass this information on to former CEO Richard Smith, who resigned from the company last week.
The WSJ reports that Equifax contends that the executives who sold the shares were unaware of the breach when they made that decision. Sources note that the three executives had not been involved in meetings about the breach.
However, the shares were sold Aug. 1 and Aug. 2, just days after the breach was uncovered by security staff on July 29.
It’s unclear if Kelley was informed of the breach on that day. If he was aware of the issue and then approved the share sales that would be troublesome.
For this reason, Equifax’s board has opened its own inquiry into Kelley’s role and knowledge of the hack.
The WSJ reports that an exchange between SEC chairman Jay Clayton and lawmakers suggests that the agency is now investigating the share sales.
During a Senate Banking Committee hearing last week, Louisiana Senator John Kennedy thanked Clayton for investigating the issue.