Another former Equifax employee on Thursday was charged with allegedly engaging in insider trading before the company disclosed a massive breach that compromised the personal information of 148 million Americans.

Continue Reading Below

Sudhakar Reddy Bonthu, a software engineer with the company, was charged by the Securities and Exchange Commission (SEC), while a parallel complaint was filed in a federal court in Atlanta. Bonthu allegedly made trading decisions based on confidential knowledge he received while creating a website for consumers impacted by the data breach.

Bonthu is said to have purchased Equifax put options a week before the cyberattack was disclosed to the public, after realizing the “undisclosed” company he was working for was the credit reporting agency.

Stock put options are securities that give the holder the right, but not the obligation, to sell stock at a set price. Such options become valuable if the underlying shares drop in price and the holder exercises his option to sell.

Public disclosure of the Equifax hack hammered its shares, making Bonthu’s put options worth more than he paid for them. Specifically, the engineer made more than $75,000 on the trade, a return equal to more than 3,500% of his initial investment, the SEC said.

Equifax fired Bonthu in March after failing to cooperate with the company's internal investigation into whether he had violated its insider trading policy. The SEC said he has agreed to settle the civil charges and return all of his allegedly ill-gotten gains, plus interest.

Three executives at the company also dumped millions of dollars’ worth of stock after it was discovered that the company had suffered a massive cyberattack, but before that information was publicly disclosed.

In March, Jun Ying, who was next in line to be the company’s global CIO, was charged by the SEC with insider trading after allegedly using confidential information to reap benefits of around $1 million from a stock sale, and evading more than $117,000 in losses.

During congressional testimony, former CEO Richard Smith said the executives in question had gone through the proper channels to sell company stock. He also said employees were encouraged to sell their shares during a specific window following an earnings report, which is when the stock sale allegedly happened.

Equifax revealed earlier this year an additional 2.4 million consumer accounts had been hit during the 2017 data breach, which took place from mid-May through July of last year. The total number of victims has consequently risen to nearly 148 million.