On Thursday, Equifax made a major disclosure — the leaking of up to 143 million consumers’ personal information, including social security and credit card numbers — regarding a cybersecurity “incident.” The realization that a major credit bureau’s oopsie could result in damaged credit for much of the affected group was too much to accept for many people, who are outraged and want to know how this was allowed to happen.
The backlash won’t be eased by a new report from Bloomberg, which states that three Equifax executives unloaded major chunks of the company’s stock after the breach was discovered on July 29. The stock sales occurred mere days later and well before the public disclosure of the breach:
“The credit-reporting service said earlier in a statement that it discovered the intrusion on July 29. Regulatory filings show that on Aug. 1, Chief Financial Officer John Gamble sold shares worth $946,374 and Joseph Loughran, president of U.S. information solutions, exercised options to dispose of stock worth $584,099. Rodolfo Ploder, president of workforce solutions, sold $250,458 of stock on Aug. 2. None of the filings lists the transactions as being part of 10b5-1 scheduled trading plans.”
Yeah, that’s not a good look, especially when one considers that 44% of the U.S. population could see negative consequences all over their credit reports for a very long time. Wired has published some tips on how consumers can project themselves, but since the data is already out there, such measures are largely limited to staying “calm and cognizant” while consistently monitoring their own credit reports for fraudulent activity.
Yet if you’ve ever had the pleasure of disputing a false entry on such a report, you know how time (and energy) consuming this process will turn out to be.
In the meantime, an Equifax spokesperson released a statement (pretty much saying the stock sales were no big deal) to Gizmodo:
“Equifax discovered the cybersecurity incident on Saturday, July 29. The company acted immediately to stop the intrusion. The three executives who sold a small percentage of their Equifax shares on Tuesday, August 1, and Wednesday, August 2, had no knowledge that an intrusion had occurred at the time they sold their shares.””
Will this statement help mitigate this PR disaster? Since negative items remain on credit reports for at least seven years, it only seems fair for Equifax to accept that they’ll have a fair amount of grovelling to do before earning back some consumer goodwill.