ATLANTA - Sudhakar Reddy Bonthu, a former software development manager for Equifax, was arraigned today on federal charges of insider trading for allegedly using information entrusted to him to purchase put options and turn a profit when the news of the data breach was made public. A grand jury previously indicted Jun Ying, a former chief information officer of Equifax U.S. Information Solutions, on charges of insider trading relating to the data breach. Ying pleaded not guilty on March 15, 2018.
“Bonthu allegedly took advantage of his position to profit while members of the public were unaware of the data breach at Equifax,” said U.S. Attorney Byung J. “BJay” Pak. “The integrity of the stock markets are jeopardized when greedy individuals who are entrusted with nonpublic information use the knowledge for their benefit.”
“Company insiders must follow the same rules that govern investors, otherwise their actions undermine the public’s confidence in the nation’s stock markets,” said J. C. Hacker, Acting Special Agent in Charge of FBI Atlanta. “To maintain a fair and equitable stock market for everyone, the FBI will do everything in its power to hold those accountable who would choose to take advantage of their inside knowledge.”
“As alleged in our complaint, Bonthu used confidential information to determine that his company had suffered a massive data breach and then illegally profited from it,” said Richard R. Best, Director of the Securities and Exchange Commission’s Atlanta Regional Office. “Corporate employees cannot take advantage of their access to sensitive information and unlawfully benefit from it.”
According to U.S. Attorney Pak, the charges, and other information presented in court: Equifax Inc. is a consumer credit reporting agency headquartered in Atlanta. During the summer of 2017, Equifax was the victim of a data breach, where hackers acquired names, Social Security numbers, birth dates, and addresses of over 145 million consumers.
Sudhakar Reddy Bonthu was a software development manager for Equifax’s Global Consumer Services team in August 2017. In that role, he was entrusted with information that allegedly resulted in him concluding that Equifax was the victim of a data breach. On August 25, 2017, Bonthu and other Equifax employees were asked to assist in responding to the breach, although he was not directly informed that Equifax had been breached. On August 25, 2017, Bonthu was informed that the target date for announcing the breach publicly was September 6, 2017. Around August 30, 2017, Bonthu learned that approximately 100 million individuals’ information was exposed as part of the breach and that the data included names and Social Security numbers. The next day, Bonthu received an email related to his work on the breach with a file attached named “EFXDatabreach.postman_collection.” “EFX” is the stock ticker symbol for Equifax.
On September 1, 2017, Bonthu bought 86 put options in Equifax stock that expired on September 15, 2017. Those put options allowed him to profit if the value of Equifax stock dropped within that two-week period. Equifax publicly disclosed the data breach on September 7, 2017, and its stock fell the next day. Bonthu then exercised his put options, realizing a profit of more than $75,000.
Sudhakar Reddy Bonthu, 44, of Atlanta, Georgia was arraigned on a criminal information before U.S. Magistrate Judge Alan J. Baverman, after waiving his right to be indicted by a federal grand jury.
Members of the public are reminded that an information and an indictment only contain charges. A defendant is presumed innocent of the charges and it will be the government’s burden to prove the defendant’s guilt beyond a reasonable doubt at trial.
This case is being investigated by the Federal Bureau of Investigation, with assistance from the U.S. Securities and Exchange Commission.
Christopher J. Huber, Deputy Chief of the Complex Frauds Section, and Assistant U.S. Attorney Lynsey M. Barron are prosecuting the case.