U.S. senators are calling for a federal investigation into the sale of nearly $2 million in shares of Equifax by company executives after its massive data breach.
According to a Reuters news report, 36 senators signed a letter asking the U.S. Department of Justice, the Securities and Exchange Commission and the Federal Trade Commission to start an investigation into around $1.8 million in stock sales by three executives (including Chief Financial Officer John Gamble) between July 29 – the day Equifax learned of the data breach in mid-May – and when they made it public last week.
One senator, Heidi Heitkamp, a Democrat on the Senate Banking Committee, compared the actions to insider trading.
“If that happened, somebody needs to go to jail,” Senator Heitkamp said. “It’s a problem when people can act with impunity with no consequences. How is that not insider trading?”
The lawmakers, led by Democrat Jack Reed and Republican John Kennedy, are calling for “a thorough examination of any unusual trading, including any atypical options trading, for violations of insider trading law.”
“We request that you spare no effort in your investigations and in enforcing the law to the fullest extent,” the lawmakers said.
Cybersecurity experts believe the Equifax breach is one of the largest ever disclosed. Equifax announced last week that hackers in the cyberattack stole names, birthdates and addresses, as well as Social Security and drivers’ license numbers of approximately 143 million consumers in the U.S., in addition to the credit card numbers of approximately 209,000 people.
Massachusetts Attorney General Maura Healey said she intended to sue Equifax for failing to maintain appropriate safeguards to protect customers’ data, including that of nearly three million Massachusetts residents.
“In all of our years investigating data breaches, this may be the most brazen failure to protect consumer data we have ever seen,” Healey said in a statement.
In addition to joining a potential class-action suit, CNBC reported that those affected by the breach could also sue Equifax for negligence in small claims court using the DoNotPay bot, with maximum damages ranging between $2,500 in states like Rhode Island and Kentucky to $25,000 in Tennessee. While the chatbot is mainly used to fight parking tickets, a new update could help it tackle this larger issue. DoNotPay's creator, Joshua Browder, was one of those affected by the breach.
"I hope that my product will replace lawyers and, with enough success, bankrupt Equifax," said Browder.