You may have heard about the Equifax breach in which hackers got access to Social Security numbers of up to 143 million people — probably including you and me. Looks like some Equifax executives may have profited (or at least avoided losses) on the news:
Three Equifax Inc. senior executives sold shares worth almost $1.8 million in the days after the company discovered a security breach that may have compromised information on about 143 million U.S. consumers.
The trio had not yet been informed of the incident, the company said.
The credit-reporting service said late Thursday in a statement that it discovered the intrusion on July 29. Regulatory filings show that three days later, Chief Financial Officer John Gamble sold shares worth $946,374 and Joseph Loughran, president of U.S. information solutions, exercised options to dispose of stock worth $584,099. Rodolfo Ploder, president of workforce solutions, sold $250,458 of stock on Aug. 2. None of the filings lists the transactions as being part of 10b5-1 scheduled trading plans.
You probably will not be surprised to learn that the stock plummeted today on the announcement. Had these executives held on to the stock, they would have lost a lot of money. But instead, knowing about the breach, they sold the stock before the breach was announced.
It sounds outrageous, but the company claims that the sales represented “a small percentage of their Equifax shares.” Different people define “small” differently. I have a feeling the SEC will be taking a close look at this. If there were hijinks, someone might be going to prison. (Then again, maybe these dudes are members at one of Trump’s golf clubs and will skate. You never know!)
It is an interesting question whether insider trading should be illegal. The fact that we may recoil at it does not mean it is necessarily bad for society. And there are rational arguments that suggest that insider trading is a good thing, because it helps spread information. As economist Bob Murphy says:
In a nutshell, insider trading is beneficial because it moves market prices closer to where they ought to be. Those profiting from “inside knowledge” actually share that knowledge with the rest of the world through their buying and selling.
Murphy argues that if you parse out who actually loses when insider trading occurs, it’s not the public at large, but just other investors who might have done better through dumb luck. Meanwhile, when insiders profit from their greater knowledge, that knowledge is spread, to the benefit of the public.
Consider these facts from the above story: the company discovered the breach on July 29 — and we are just hearing about it today, on September 7. Was there a cover-up due to embarrassment, or a desire to minimize the company’s damages, to the detriment of the public? Perhaps. On the other hand, there might have been good law-enforcement related reasons for the delay:
The Atlanta-based company declined to comment on that delay or anything else beyond its published statement. It’s not unusual for U.S. authorities to ask a company hit in a major hack to delay public notice so that investigators can pursue the perpetrators.
And yet, that is cold comfort to anyone who is harmed by the breach, yet could have protected themselves over the last month. Perhaps allowing insider trading could have helped communicate news of the breach faster, even if the company — for legitimate or illegitimate reasons — kept the knowledge of the breach closely guarded.
Since I am not a securities law expert, I am also puzzled by exactly what it means to profit from insider knowledge, and where the line is drawn. If you sell your shares before announcing the breach, you’re probably profiting from the insider knowledge. But what if you set up one computer (or even browser tab) to effect a sale of stock, and set up another computer (or browser tab) to send a press release about the breach? Either can be accomplished by the push of a button. If you press the buttons in rapid succession — but press the button to send the press release first — have you profited from the insider information? Probably. So how long do you have to wait?
There may be settled answers to these questions. But I don’t know what they are — and if there are, chances are that the rules don’t make a whole lot of sense.
All this theoretical talk aside, I still kinda want to see these executives suspended above a vat of boiling oil by a sturdy cord wrapped firmly around their testicles.
Would that benefit society? Maybe not. But those of us who have almost certainly had their personal information stolen might consider it a very worthwhile project.