Hacker News new | past | comments | ask | show | jobs | submit login
Three Equifax Managers Sold Stock Before Cyber Hack Was Revealed (bloomberg.com)
650 points by QUFB on Sept 7, 2017 | hide | past | web | favorite | 169 comments

So, does this count as insider trading? My intuition says 'yes'. But my intuition about a thing and what the law says don't always match.

From the article:

Regulatory filings show that three days later, Chief Financial Officer John Gamble sold shares worth $946,374 and Joseph Loughran, president of U.S. information solutions, exercised options to dispose of stock worth $584,099. Rodolfo Ploder, president of workforce solutions, sold $250,458 of stock on Aug. 2. None of the filings lists the transactions as being part of 10b5-1 scheduled trading plans.

The three “sold a small percentage of their Equifax shares,” Ines Gutzmer, a spokeswoman for the Atlanta-based company, said in an emailed statement. They “had no knowledge that an intrusion had occurred at the time.”

The timing is very suspicious, but if they can prove that they had no knowledge, then they are safe. Given their titles, that seems like a dubious claim.

Actually it is the state that has to prove mischief. They still enjoy presumption of innocence.

I agree the timing is suspicious, but the amounts are pretty small. Even if the stock drops 20% long term due to this (which IMO is highly unlikely), a high ranking executive risking a jail term to avoid losing 50k of stock is (again IMO), absolutely irrational.

Martha Stewart's insider trading saved her ~$45k. At the time she worth around $600m. I agree, not rational.

She wasn't actually convicted of insider trading.

After a highly publicized six-week jury trial, Stewart was found guilty in March 2004 of felony charges of conspiracy, obstruction of an agency proceeding, and making false statements to federal investigators

So basically the semantics of an investigation rather than a crime. The type of thing the state resorts to if they still want to prosecute you even if they don't have a good case against you for the original crime?

Take the "making false statements to federal investigators" one for example, the "false statements" don't have to be at all related to the investigation (or eventual prosecution) at hand, they could have nothing to do with her personal financial matters, they just have to something you say that was not true during the course of the investigation.

Or "conspiracy" and "obstruction", both have a long history of providing law enforcement and prosecutors plenty of leeway to take punitive measures regardless of the feasability of the original case.

Very similar to the long history of 'resisting arrest' and 'assaulting a police officer' being used on a more localized level whenever a citizen did not show total obedience to police, regardless if they committed a crime or not.

all which was related to ~$45k? Hardly rational.

They usually get people for panicking when they're investigated. You never want to talk to federal investigators without a lawyer and you want to be very sure as to whether you actually remember things or not. People often play that safe by not remembering much of anything, but that can also bite you if you remember later.

Sometimes narcissists can't help themselves. (See our president) They lie because it's what they do.

Did she just do it the once, or was she just caught the once?

>I agree the timing is suspicious

More so considering that prior to the sale John Gamble (the CFO) hadn't sold a single share in the three years that he has been with the firm.

You are correct. I mistakenly thought the incident was in May, but I see now that it's the August trades that are in question. His only sales were in May and August of this year.

>high ranking executive risking a jail term to avoid losing 50k of stock is (again IMO), absolutely irrational.

You act as if this is a real senario and would have a non-negligible probability of occurring.

Depends on what one considers negligible. But I think govt attorneys made an example of Martha Stewart exactly to highlight the nonzero chances of jail if one, no matter how rich, ignores public securities laws.

There is a non-negligible possibility of this occurring. Insider trading is ridiculously easy to prosecute (the market is closely monitored) and the government regularly seeks prison time for executives. Rich people go to jail all the time for it.

> Rich people go to jail all the time for it.

Is that true? What do you mean by "all the time"?

Yes. At least they were smart enough not to buy options. :-)


Somebody opened a huge options position on EFX a couple weeks ago. No way to tell who, of course, but it certainly looks suspicious. I posted the chart here: https://twitter.com/dimfeld/status/905952247682547716

So, I struggle understanding options jargon, maybe you can help -- from your tweet: is 2500 alot? 2500 of what - stock that borrowed? $135 is lower than yesterday's price, but higher than today's open @ 125 - does that mean someone who bought the puts can cash out at $10 profit this morning?


Someone bought 2500 put options. Each option gives the owner the ability to sell 100 shares at the strike price of the option.

If whoever owns those options exercises them today (And covers their short position at a price of $125) they will make ~$2.5m on a ~$200k bet.

Exactly - it's the most "efficient" way to make money if you have inside information, because you only have to put a small amount of money down on the option relative to the payoff.

This is why the options market is the first place regulators look on insider trading.

The "president of U.S. information solutions" had no knowledge of a massive information breach. Sure...

"But my intuition about a thing and what the law says don't always match"

I wish more people on this forum recognized this

People on this forum take the latitude to discuss the differences between the "letter of the law" and the "spirit of the law". They are both supposed to be factored into legal investigations and judgments when deciding someone's guilt or innocence.

Someone who has deep understanding of the letter of law and uses it to semantically defy the spirit of the law (like tax evasion by exploiting loopholes that were not designed for their use case) do, in my opinion, deserve criminal punishment.

The tax code was designed to tax entities who use more than their fair share of public resources to make private profit. Think about the legions of WalMart semi-trucks ripping up highways that most taxpayers pay for; it gets to profit from its use of infrastructure that it uses way more of than the average taxpayer.

Obeying the intent of these kinds of laws as they were written originally requires ethics that many corporate individuals simply don't have.

Recognized that the law doesn't apply to rich people?

Recognized that just because something seems like it should be true doesn't actually make it true

Insider trading laws apply pretty much exclusively to rich people.

More like the law was written in cooperation with the people that became wealthy through means that used to be legal and protected themselves and their legacy by kicking away the ladders they used.


Seems like you're saying the same thing as your parent commenter.


Didn't downvote but I figure I should better support it if someone actually cared enough to criticize...

From a trade policy perspective alone we have plenty of supporting evidence among developed countries of self-serving policymaking. Ha-Joon Chang, economist at Cambridge, has written several books criticizing neoclassical economics policies commonly used by both left and right wing policy makers across many developed economies including one literally called "Kicking Away the Ladder" describing how an alarming trend for developing countries to make trade and domestic economic policies that close off tools these countries used themselves to grow their economies. A recent case of not following conventional policies and playing into the hands of the ultra wealthy is Iceland following their real estate collapse and now subsequent rebuilding on their terms as suggested by economist Michael Hudson, another critic of neoclassical economic policies.

Regulatory capture is one of several by-products of cronyism and an oligarchical rather than impartial, equal opportunity system but even in a toy case study in sports there is clear evidence of bias with regulatory experience http://onlinelibrary.wiley.com/doi/10.1111/coep.12240/abstra... If there's policymaking and enforcement bias over time in something with as little consequence as sports but also certainly fiscal motivators (for teams, NHL Commission, etc) it would be strange if our government policies would be exempt from the same human dynamics that is specifically meant by those with hidden information to stay obscure and hidden. But not a whole lot of grant funding out there to investigate corruption exactly, so rigorous academic research on corruption, regulatory capture, and other perversions of capitalist society is sparse, oftentimes difficult to get solid data, and thus difficult to cite in a random Internet comment to the satisfaction of pedantic critics that react to defend any assailment of the much-maligned wealthy.

I'll omit the studies showing those with wealthier backgrounds showing tendencies toward far more loose ideas of lawfulness and fairness compared to the general population.

Also, I wrote it partly tongue-in-cheek in tone responding to a potentially more inflammatory, generalized, presumptuous comment and somehow that was ignored?

I wrote that comment when I was really tired and went too far trying to make a point. I apologize for the flippant-tone, it was completely unnecessary. Thanks.

It's hard to prove intent.

If there's a history of these execs selling similar amounts of stock in other quarters, then it's probably not insider trading.

If the paperwork trail started an hour after the first meeting where they learned about the breach, and they had never sold stock before, then it's probably insider trading.

Since the truth is somewhere in between, it's hard to say. It's hard to believe that these people didn't recognize the optics of what they were doing. But, that's why we have investigators and courts.

Intent doesn't need to be proven. If you knew of the material non-public information and you then decided to execute a trade you're guilty of insider trading.

It's not that clear cut. Otherwise, no one in the leadership of a company would ever be allowed to buy or sell stock.

Corporate leadership is usually reluctant to trade in the company's stock outside of a 10b5-1 plan because of this sort of problem.

That's precisely what scheduled sales via 10b5-1 plans are for. To schedule future and recurring stock sales to avoid this.

Actually there are three criteria: 1) Information is material 2) Information is not public 3) Breach of duty through the "trust and confidence" clause.

It would be highly unusual for the CFO not to have the burden of confidence but even for a division president it's not clear they'd have corporate officer responsibilities.

During compliance training in my old life they covered the classic "overheard in a coffee shop" example as a way to highlight that a barista does not owe confidentiality to a random public company. However, I don't think it's ethical behavior regardless of whether it'd result in a conviction.

I think all employees are covered by 3 breaching trust is gross misconduct in the UK

oh, that's really interesting!

yes if your employer loses all trust in you its one of the things they can sack you for and this also can be collective ie I know one of my team stole xx£ you can fire all of them - which surprised me when I first heard about it.

> If there's a history of these execs selling similar amounts of stock in other quarters

That's what 105b-1 trading plans are for. If they had used them there would be no questions to ask.

Insider trading is any trading performed using non-public knowledge. Theoretically even a pre-scheduled trade could be insider trading, if it relied on non-public knowledge which remained non-public until the time the trade executes. Of course, that's a pretty hard scenario to concoct, so generally pre-scheduled trades 3+ months out are considered safe for even high-level insiders. Not to mention all the extraneous movement that might happen within that same time period that could very well nullify any knowledge advantage.

Interesting fact: commodities were not subject to such a law in the USA until Frank-Dodd Act. The rule was named for Eddy Murphy, who played a commodities trader in Trading Places[1].

The reasoning, as I heard it, was that all farmers who hedged their own crops with commodities trading, had some amount of insider knowledge just by looking at their own farm/crop/weather. Stealing a data report before it is publicly announced, however, seems like it would violate some laws. Paying to access reports early seems to be a lucrative offering of some of the data providers.

[1] https://en.wikipedia.org/wiki/Trading_Places#Legacy

If you haven't seen Trading Places, please please please make the time to watch it. Its both educating and entertaining!

Doesn't there still have to be some judgement call? I would assume Insider Trading means trading on non-public knowledge that will significantly move the stock price, not just any old information that is not public. All kinds of employees have non public knowledge of things going on in a company that may or may not affect the stock price.

What would happen if a Executive found out about a data breach, sold some stock, but when the breach was announced later the stock price remained flat or went up (just for the sake of argument). Would that still be insider trading?

You are correct. I was a little loose in my language, and should have said material non-public information. Material information is exactly what you describe: Information which would be reasonably expected to affect the market.

If all trades based on non-public knowledge were insider trading, the financial analysis industry would not exist

The financial analysis industry synthesizes its models from public knowledge.

Key quote here: None of the filings lists the transactions as being part of 10b5-1 scheduled trading plans.

Public companies typically have scheduled sales of their options for people at this level. This was not that.

They traded based on material, non-public information, so I would have to say yes, this is definitely insider trading, but I'm not a lawyer...

Food for thought: you are basing your admittedly uneducated opinion of a legal matter on a single criteria.

If you end up being right, it will have been almost pure luck, but it may reinforce certain incorrect assumptions, like your theory that this single criteria was the deciding factor, or that this kind of armchair analysis is productive.

Point being: even if you are right, it's probably a bad idea to even take the position to begin with.

Acting on material, non-public information is considered insider trading by most definitions, no need to get lawyers involved.

However, whether these managers broke the law and if and how they should be punished is a legal question most people here should probably shut up about.

Most likely yes. Actually if this doesn't count I don't know what is. However just like you, don't take my word, not a lawyer.

Off topic question... Is there a law about giving legal advice in a public forum if you're not a lawyer? Why do people add the disclaimer about not being a lawyer. Generally curious.

Moreover, is there a law about impersonating lawyer in a public forum (not that any ethical person would do that of course)?

No there is not a law against giving legal advice if you're not a lawyer. It's lawyers who are sometimes prohibited from giving legal advice. Non-lawyers have the usual freedom of speech, restricted in the usual ways.

Claiming that you are someone you're not on the Internet is so commonplace it is hard to see where any trouble would come of it by itself. Again it's different if you knowingly cause harm to others.

I'm not a lawyer. This is not legal advice. Or maybe I am and it is. Who knows.

> No there is not a law against giving legal advice if you're not a lawyer.

In most (all, I think) US jurisdictions, providing legal advice is practice of law, and doing it without a license to do so in the state is prohibited (usually, a crime.)

This isn't not legal advice and I am not a lawyer. Consult an actual lawyer licensed in your state before deciding whether or not you should provide legal advice.

I think you are prohibited from giving legal advice for a fee not advice of a legal nature generally, telling a friend how to file in small claims court isn't prohibited for example.

In some states the collection of the fee is not relevant. All that is relevant in these states is that you do or do not have a alicense to practice and that you were conducting work that is typically conducted by an attorney and you are providing legal advice. In some states just the act of typing a Motion for someone who is representing themselves in open court is practicing law without a license unless you have passed your bar exam. You can get in trouble for drafting a Motion for your spouse and vice versa unless you are an attorney representing your spouse.

Legal advice should be limited to someone who is an attorney. There are ways around that giving of advice, you can say, "if air were in that position I would do xyz." Or "when that happened to me my attorney said I should xyz."

Practicing law without a license is a crime albeit one not often prosecuted unless you are representing yourself as an attorney and in most cases that involves the transfer of monies for those legal services but not always.

"This isn't not legal advice..."


You sometimes see this as IAALBINYL (instead of the more common IANAL), standing for "I Am A Lawyer But I Am Not YOUR Lawyer"

Or, "free legal advice is worth what you paid for it."

It's worth noting, though, that many forms of actual "free" legal advice still come with serious professional obligations on the part of the lawyer. Pro-bono work, public defenders, contingency basis, etc are free to some extent, but nonetheless create a client relationship that is at least nominally as serious as one that is paid for.

There is a reason that lawyers online are very quick to point out that they are not opening up such a relationship.

Public defenders are most definitely not free (in the US anyway), you just don't have to pay up front and are guaranteed to you even if it's obvious you have no ability to repay.

My understanding is that lawyers are accountable to the legal advice they give.

So they give legal advice, then the person reads the advice, and acts on it. If it's wrong then they can sue.


If you frequent online forums for hobbies that have lots of regulations, you'll run into this a lot.

It's mostly to remind people to not trust advice on the internet. While the person giving legal advice might be correct, they haven't read and understood the law with the legal background a lawyer has.

It likely is a result of "copy-catting" to some extent. For those that _are_ lawyers, giving legal advice without first clearly stating to the recipient that no implicit attorney-client relationship is being created can create just such a relationship (i.e., and therefore potentially subject the atty. to possible malpractice charges, etc.). So actual attorneys always preface any statements with the "not advice" comment. Because of that, some non-lawyers may have picked up upon the practice and started restating it as "I'm not a lawyer ..." from some belief that there is a legal requirement to do so.

Not a lawyer (ironically) but afaik there are all sorts of laws governing an attorney-client relationship, and it's possible to implicitly enter into such a relationship by giving something resembling legal advice.

Where I am (Ontario, Canada) I believe it is illegal to give legal advice if not a lawyer, and to impersonate a lawyer [0]. I'm not a lawyer and could be wrong of course... but the disclaimer costs me nothing and makes it moderately less likely to be illegal (and less likely to be prosecuted even if it is illegal)

[0] https://www.canlii.org/en/on/laws/stat/rso-1990-c-l8/latest/...

> Why do people add the disclaimer about not being a lawyer. Generally curious.

I've always taken it as "I want people to assume that I know what I'm talking about, unless there are negative consequences. I still want to chime in, though." That said, I'm not a sociologist, and you should procure advice from an expert before forming opinions about people on the internet you've never met.

"IANAL" is polite internet slang for "you can stop reading this comment, as I don't know wtf I'm talking about." Vaguely related to the old "PLONK".

It's a meme. People do it because they see other people doing it.

Correlation does not imply causation. But it certainly does cause suspicion. You'd definitely have to look to see if these were normal trades or that they were planned long in advance. Selling like that can be regular.

Did they have Material Non-Public Information (MNPI) when they traded? If so, yes. If not, no.

John Gamble (CFO) has been dumping heavily since May 20th (http://www.reuters.com/finance/stocks/insider-trading/EFX?sy...).

Am I the only one surprised a CFO is making this amount of money?

Yes. You must be a new college grad?

A CFO of a $17B company making $3m/year[1] is normal.

[1] http://www.reuters.com/finance/stocks/officer-profile/EFX/25...

So one guy sold 1 mil of stock, the stock dropped 6%, so he avoided a 60k loss. Let's say he expected a 20% drop, and he saved 200k.

If a were a millionaire, I wouldn't risk prison for 200k. Even the litigation to avoid prison could cost 100k.

And this is the kind of thing you know all angles will be looked into (it took a news agency a few hours to unearth this).

If he did it (insider trading), he is very stupid.

> If a were a millionaire, I wouldn't risk prison for 200k.

This is part of the reason why you aren't a millionaire. Wealth selects for people who do some strange things to make a little extra money here and there... and there... and there... and there....

It's also why people who aren't like these millionaires (whether of similar means but less wealth or of greater means but fewer questionable choices) think some millionaires make foolish, cruel, or inhumane decisions.

Nah. I'm a millionaire and I wouldn't risk prison for 200k.

Wealth is indeed a proxy measure for certain behaviors, but you're ignoring other even more important behaviors like impulse control and an eye for risk analysis.

Most of us aren't wealthy because we engage in unethical practices; we're wealthy because we understand long term planning and self control.

Here's a related article you might find interesting about the link between self control and wealth. Note as well the negative correlation between wealth and crime, which stands in opposition to the association you attempt to draw above.


>>Note as well the negative correlation between wealth and crime, which stands in opposition to the association you attempt to draw above.

You are pointing the arrow in the wrong direction.

Correlations don't have arrows. They never said there was causation.

Sure they did.

>>which stands in opposition to the association you attempt to draw above

Associations don't have arrows either.

What is under discussion is whether rich people are more likely to do illegal things (maybe because they felt they can get away with it) or they are less likely to do illegal things (maybe because they are risk averse and have more to lose).

No, I did not. As the quote you've excerpted clearly illustrates I noted a correlation only.

You've made a mistake.

You are backpedaling. It is very clear from the context of your post what you mean, as the upvotes on my comment illustrate.

Sorry bud, the guy you're arguing with is correct about what I said.

I stand by my original statement regarding correlation. Your assumption that there's a causal claim is your own mistake. This has been made clear; there's nothing further for us to discuss. Especially given your uh, personality.


I think your point is you know when to stop.

The real trouble is if you are having a streak of luck, you would be absolutely certain there is no reckoning for your deeds coming, this could go on, until it doesn't.

At that point in time punishment/prison looks a heavier price to pay in return for a incremental gain.

Not all risks are the same. You risk death just by getting in a car on a public road. You risk being attacked by a shark if you enter the ocean.

It's important to distinguish likelihood from impact. The heavy impact is "prison"; a lighter impact is a civil suit from the SEC or a similar regulator. The likelihood is unknown right now. It probably went up the second Bloomberg published this article, so it might have been a better decision a few days ago.

The SEC seems to settle for civil penalties more often than the FBI prosecutes for jail time. Sadly, it's more likely that at least 3 managers will probably spend $200k on lawyers to navigate their statements to the authorities over the next few months.

edit The $60k profit will probably also have to defend them against lawsuits by other stockholders.

I don't know what's fair here.

How can anyone prove that they wouldn't have sold some amount of stock in the nearly 6 months since the hack started? How does a prosecutor prove intent without a very damning self-incriminating statement? Certainly $1m in stock sold at a _very_ suspicious time makes me want to blame this guy, but what if he knows he's getting laid off this week? Does that change the calculus of intent?

Intent doesn't matter. Only having knowledge of non-public materially relevant information.


Martha Stewart was a billionaire and wound up spending prison time over an insider trading savings of $45,673. Logic doesn't always apply.

I thought she went to prison for lying about her insider knowledge, not the trading itself.

45k still landed her in prison though

This assumes she became a billionaire completely legally, and only then made one illegal move. The logic assumes you won't get caught, or the fine will be minimal. Much like speeding to the average person.

Mentioned this in an another comment. Its not as much as about logic. Some people just don't know when to stop.

The stock is going to drop a lot more than 6%!

If you are so sure, short it now and make a lot of money.

Markets are closed, but it's down 13% in after-market trading now.

This is not financial advise:

I remember a few commentors on HN recently saying they have made large gains by buying stock of companies after the news of cyber security breaches significantly reduced the share value, then waiting for the dust to settle(reaction-news-cycle to complete) and the price to rise again.

For the benefit of those reading: given that this may very well be the worst breach ever by far, and is likely to attract significant attention from government regulators and prosecutors, this is likely a particularly unwise time to begin attempting this strategy.

The direct financial impact to Equifax is likely to be tiny, and their customers aren't the people who's personal information they just left on the side of the road. Once the news cycle is past, it will be business as usual at Equifax.

If you are willing to gamble real money on that assertion, its there for the taking.

I might do this with options for this breach, depending on what the IV is tomorrow. While this is probably the worst breach ever, it also happened in a time when there's a government that is going to do fuck all about it.

So what's it going to look like 6 months from now? Your guess is as good as mine. Mine is: either absolutely nothing happens and the stock goes back up, or this finally gets something to be done about the garbage that is SSNs and/or credit reports (in which case I can't really imagine what happens to the stock price in any direction).

The sad thing is these breaches are so common place nowadays most of us regular folk just assume all our personal information is compromised to some degree. I'll be curious to see if this breach has any real material business impact.

This was the reaction I got from most non techies. Makes my heart sad.

If it is, wouldn't the best course of action to sell as soon as the news is announced? You then avoid the insider trading accusations (as the information is now public), but still avoid the bulk of the losses.

No, because the information is not considered public until it has been widely disseminate for some amount of time. As I recall, 2 business days, but it may not be strongly defined.

FTA: "None of the filings lists the transactions as being part of 10b5-1 pre-scheduled trading plans."

Anyone with more knowledge: How normal is this sort of behaviour?

Securities laws in the United States prohibit trades made with "material non-public information". A 10b5-1 plan is an affirmative defense to insider trading. The basic idea is that before you get access to material non-public information, you decide "I want to buy/sell X shares on the second Tuesday of every month" or similar. Because the trades are made in a way that was determined before you had access to material non-public information, this is not considered insider trading.

(IANAL, this is not legal advice, etc etc)

What if you cancel the planned trades when you learn of some coming news that disadvantages them?

This is a loophole that exists, yes.

10b5-1 plans set up by the company will sometimes have a rule that no changes are allowed for 30 days, which solves the problem. Not sure how widespread this practice is.

There are rules about amending your plans. My company has trading windows (a month or two after earnings, window open for around three weeks) for when people above a certain level are allowed to make trades. Even higher level employees must have a trading plan. You can only modify your trading plan during the trading window and there are restrictions and limits on how you can modify it and if you need permission to modify it.

Or something along those lines, I'm not high enough level to have to deal with the specifics so I only know the generalities I picked up while trying to determine if I needed to care.

You may have to produce your research or justification for modifying your plans, or selling outside of those scheduled plans. Most attorneys and financial experts will strongly advise you to document every minutia around all changes, no matter how innocuous.

Pretty normal. Their lawyers likely said that as long as they reported in (via Form 3 and Form 4) then it would be complaint enough.

So this was still transparency, and its just fodder for reporters to debate about, because without the Form 3 and Form 4 regulation, you would never know.

Cost benefit analysis.

Uh, what? As another comment noted, they possessed "material non-public information" when they traded. Forms 3-5 just disclose the transaction, not the non-public information that we all just learned about.

This doesn't mean they are guilty of insider trading, especially if there is a pattern of recent sales, but it certainly doesn't absolve them. Definitely smarter to hold off on ad hoc trades until all material information goes public -- or go with a scheduled plan.

here are the sells


All of the guys in question all own 40,000 more shares than the few thousand they sold. Doesn't mean they weren't insider trading or avoiding losses, its a good defense though.

Selling outside of a predefined schedule is always at risk of some scrutiny, because they always have inside information.

Given the size of these sells, they probably need it to cover a margin call, since its common for people to borrow against their shares. Would suck if thats what it was because its damning for civil and criminal liability and would have been likely necessary for their solvency.


So, does this mean just the transparency via regulatory filings is enough to absolve them of any legal liability?

It means that someone from the SEC should probably be looking into the trades. It would take a court to decide any legal liability, and charges would be the result of such SEC action. Having not reported the transactions in the first place would have likely made the sales less defensible -- good ol' "why were they hiding if they aren't guilty?"

That seems incredibly stupid. The CFO especially would be hard pressed to convince anyone either that he 'didn't know' there had been a breach or define himself as not an 'insider.' If the facts are as reported these folks are in a world of hurt.

It perhaps was stupid, but you forget that the burden of proof is the other way around.

I was under the impression C-suites and directors had to file with the SEC in order to sell stock. I'd wager they did and that's how Bloomberg found out about it.

The burden of proof for criminal charges is the other way around. I can think of a few ways he could "in a world of hurt" without being found guilty of criminal charges; in fact without any formal burden of proof:

* A trial or even just discovery for a trial and having to pay lawyers more than he gained from selling this stock.

* Angry shareholders or even board members could demand consequences such as docked pay or termination.

* Negative media attention such as this article.

That reminds me I need to update my address on Equifax. I found out it was wrong after being refused to be allowed to buy a mobile data plan (even though I had all the cash it counts as a credit issue).

After 5-6 phone calls to get the address added to their system, I never did the final one a few days later to get them to update me once it was in their system.

Absolute bunch of arses.

It's amazing how they make it difficult to give them more information. Granted, you aren't paying them directly, but you are effectively making their business more valuable by linking more accurate data to their profile of you.

Aren't senior executives legally required to submit their trading plans well in advance of any stock sale? That certainly seemed to be the case at my last employer.

No, they are not required to do that. Many choose to do that to avoid the appearance of insider trading, though.

No, it's an affirmative defense to do so, but not required. There are a lot of reasons to sell outside of the scheduled plan. Many executives will set up minimal scheduled selling plans and liquidate more as diversification becomes necessary, or key purchases in their life. Documentation is everything.

From the article:

> None of the filings lists the transactions as being part of 10b5-1 pre-scheduled trading plans.

That doesn't answer the question. We all read that the trades were not planned in advance. The question is, is that by definition illegal? Or were the trades only illegal because they had insider knowledge that the price was about to drop?

If they had access to material non-public information and then decided to trade it would be illegal. Trades that are not planned in advance are not illegal in and of themselves.

Do you think executives ever do not have access to material non-public information?

Credit reporting agencies are the cancer of the modern economy. They are rife with inaccuracies, and on top of that, highly vulnerable to hacking , as software engineering is just a cost for them, not their focus.

Their entire function needs to move to the blockchain. Their only value is that of a distributed, trust less ledger, and they charge horrible fees and sit in the middle for doing that terribly

This strikes me as sadly typical of so many "just use a blockchain" plans: it has a hopelessly naive understanding of the topic.

Credit reporting agencies aren't just a big ledger. They collect a lot of information from a variety of sources, verifying and evaluating them. They contextualize, evaluate, and summarize the information. They comply with extensive laws that regulate the use of the information. And then they, with obviously varying levels of success, control who has access to that information.

This work all costs money. It could surely cost less. But dumping terabytes of ungroomed personal data into a public database and then crossing our collective fingers is a startling bad idea. (If you disagree, then please put your last 5 years of financial statements, bills, and receipts unredacted in a GitHub repo and put the link here.)

This is a naïve interpretation of my comment. Here's a real product [1] that considers all the pitfalls you enumerated, and achieves what I had in mind. [1]: https://hellobloom.io

It's a pretty straightforward reading of your comment.

Bloom is a fancier but also naive attempt. Nobody on that team has experience with loan origination, loan underwriting, loan rating, loan syndication, credit reporting, credit scoring, credit cards, debit cards, or debt collection. Having read the white paper, it is weirdly specific on record formats, and weirdly hazy on almost any important issue. It seems a fine example of the XKCD cartoon about physics majors. [1]

Remember when somebody who built a Magic the Gathering card exchange and then decided they could build a currency exchange? I'm not an expert [2], but that's what the Bloom.io stuff reads like to me. People joke that Bitcoin is basically the Dunning-Krugerrand, and things like Bloom don't do much to challenge that view.

[1] https://xkcd.com/793/

[2] Although I have build financial trading software, worked on a loan accounting system focused on the underbanked, and am currently consulting for a commercial lender, so I'm not entirely ignorant.

Again, your response is typical of incumbents in any sector. AirBnb founders weren't hoteliers, Uber founders weren't taxi industry veterans. Everything you know can be learnt from a book, or obtained by hiring someone like you - and there are PLENTY of your kind to hire.

Now, for every successful Uber, there have been 100 failed attempts at the same. Will HelloBloom be the Uber of credit reporting- can't say. But will credit reporting be disrupted by someone like Hello Bloom, definitely.

I'm not an incumbent in the industry. Nice try, though.

My issue here isn't with industry disruption, which I generally like. It's with hallucinatory blockchain-based hype. For years I've been hearing that Bitcoin or some other blockchain technology will disrupt money transfer and online purchasing. But Bitcoin never got any foothold in international remittances and is actually in retreat in e-commerce. Now the Bitcoin hype had metastasized into blockchain and ICO hype, but I don't think there's any more meat to it.

But if you're so sure, let's put money down. I have $500 that says no blockchain-based startup will get even 1% of the US credit reporting market in the next 5 years. We can put the bet up here: http://longbets.org

You in?

You reply:


Yeah, that's what I thought you'd say.

Perhaps I am misunderstanding what you're proposing, but If you moved all credit info to a blockchain, then everyone's info would be public. That seems to be opposite of the goal, so how is that better?

Also, the credit agencies, for better or worse, weigh the different factors in a credit profile, to provide an approximation of an individual's credit worthiness. This information from a credit bureau is solicited by many lenders who are providing the credit.

The point is to have verifiable identity that is tied to something more secure than a (not random) 9 digit [0-9] string and an address.

Your name is on the chain, the assertion you're you is done with your private key.

And are we expecting normal people to do key management?

I'm a normal person. My first attempt at key management was an utter failure, accidentally broadcasting a private key instead of the public one.

I'm a computer security researcher. At some point I posted a public key for people to send me encrypted email. Nobody ever did and at some point I lost that private key.

Point is, key management is hard problem for big corporations with dedicated IT staff. Relying on normal people to be able to do that is just insane.

I'll give another example. My medical practice tried to do GPG encryption in a shared DropBox folder. Within the first week, someone decrypted half the files into the same shared folder...

It was all just a test with non-critical data, but the test was a total failure. And that didn't even get into key-related issues.

Works fine in estonia.

Perhaps Equifax could transition to a key escrow service for those who trust giant corporations more than themselves.

Sure, because of their stellar record protecting PII?

How else do you expect them to start the cars and open the doors to the houses they bought on credit?

Just applying for a mortgage in the UK. Got three different reports from three different companies. Took about 8 hours total to do it and each of them had big issues. One with wrong addresses, another with credit problems because of a company I had no idea about and the other didn't even have the correct spelling of my name...Banks were making decisions on the back of that. Anything is better than that.

If inaccurate information made its way into the blockchain, how could it be removed?

At least credit agencies can remove inaccurate information from your report. They don't make it easy, but they can do it. In a blockchain, how would that be possible?

Just because something is immutable doesn't mean you can't amend an old record to flag it as inaccurate / irrelevant / outdated.

That said, I don't know how I feel about replacing credit bureaus with a distributed database. The issue still revolves around verifying identity and reputation. The blockchain doesn't solve identity. Perhaps it could solve the reputation problem... of a cryptocurrency wallet. How does a merchant know that their current customer doesn't just burn the reputation of a wallet and create another wallet?

I see BitCoin has being a masterful synergy of several existing algorithms and theories. But it's a lot like a 4-legged chair. I've yet to hear a great use of blockchain (other than a cryptocurrency) which supports the chair with all 4 legs. Some proposals would be better served as just a distributed database, others don't benefit at all from being distributed. Some simply don't have an incentive for miners to spend on the electricity needed for Proof of Work and will inevitably suffer from one company consolidating a majority of the network -- thereby compromising the value of the consensus algorithm.

Ask and ye shall receive: https://hellobloom.io/

They actually sell trust.

Perhaps they are overcharging, but they aren't serving a trustless function.

If this is deemed to be illegal then so be it, may the law deal with them.

If not, I think it'd be hard to say that in the same situation I wouldn't do the same.

So the company stated that they (3 of them) did not know about the breach.

I'm interested in what it takes to begin an investigation?

If they wanted to do insider trading why would they sell only a small portion of their shares?

Is it possible or are there free data sources if an average person wants to dig into tradings of Jul 27, two day before official date of discovery.

No, that's not possible. These trades are only public because there is regulation that mandates Equifax to file trades by their employees above a certain level.

Statement of Changes in Beneficial Ownership: https://en.wikipedia.org/wiki/Form_4

Otherwise you have this trading information spread across thousands of brokers (and it doesn't become public)

Wouldn't they have scheduled these trades months in advance like most employees of public companies with insider trading policies?

Equifax was down for a long time the other day. I should've treated that as a signal to short the stock...

How many Equifax managers are there trading? Could this be law of large numbers?

Out of curiosity, how would I go about looking this up?

Someone else in this thread linked to:


This is all kinds of unethical.

Nope, this is more likely all kinds of illegal!

Smart guys, they can get a presidential pardon. Great guys, the best.

Hello insider trading !

The only reasonable punishment for this is decades in jail. If they can't put these assholes in jail for running the credit check companies themselves, at least convict them for insider trading. These businesses should not exist to being with. I'm not sure what the penalty for insider trading is, but if the prosecutors a little creative, they could convict for each share sold. That should keep these scumbags in jail for the rest of their lives. Oops, I must be dreaming again ...

> If they can't put these assholes in jail for running the credit check companies themselves

Who is "they"? You realize Congress has effectively cemented the place of the big three credit bureaus in the daily life of all Americans, right?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact