SEC Warns Against Selling Stock During Security Incidents

Following the Equifax data breach and the Meltdown/Spectre scandals, the U.S. Security and Exchanges Commission (SEC) issued a warning reminding executives that trading stock during such incidents classifies as insider trading and is punishable by law. In both of those incidents the CEOs and other executives sold stock after learning about the security issues, but before the problems were publicly revealed.

SEC Warning

The SEC issued new guidance to clarify that company executives are not allowed to trade on insider information, such as knowing that their company suffered a data breach, until the information is made public.

The commission added that these are not new rules; they've been in place for a while. However, after several Equifax and Intel stock sales during the internal investigation of their respective security issues, the SEC thought it should issue a reminder:

Directors, officers, and other corporate insiders must not trade a public company's securities while in possession of material nonpublic information, which may include knowledge regarding a significant cybersecurity incident experienced by the company.

Equifax Data Breach

Equifax experienced one of the most devastating data breaches in U.S. history, as the personal information of over 145 million Americans was exposed. Meanwhile, several executives, including the Equifax CEO at that time, Richard Smith, sold stock worth over $1.8 million after learning of the data breach and before making the information public.

However, despite the SEC issuing the new guidance and clarifying that this was illegal, it previously declined to investigate the Equifax executives for insider trading. The executives are still under criminal investigation by the Justice Department.

Intel’s Meltdown

Although Intel said that its CEO’s stock sale was “planned” for last fall, it turned out that Krzanich planned the sale only after learning about the Meltdown and Spectre vulnerabilities from Google. Again, this should not be allowed, according to the SEC’s new guidance, but for now it’s not clear if the agency is pursuing an investigation against Krzanich.

Either way, other companies were put on notice if they allow their executives to sell stock during internal security incident investigations, but how well the companies respect this new guidance may depend on how willing the SEC is to enforce its own rules when companies break them.

Create a new thread in the US News comments forum about this subject
This thread is closed for comments
8 comments
Comment from the forums
    Your comment
  • popatim
    They need to prosecute and fine these people! We all know this is illegal and so did they! Everyone else will understand this 'gentle reminder' and not do it so openly.

    The rest of the public will see that this isn't really the Corporate States of America, where those with the money can do whatever they want...
  • Brian_R170
    Security is heating up worldwide. For high-tech companies with enough high-profile products in the market, there will come a time, when there is ALWAYS a "security incident" in a company's product line that is known but not yet publicly disclosed. It would not surprise me if that time has already come for companies like Intel, Microsoft, Apple, Google, etc.
  • manleysteele
    Anonymous said:
    Security is heating up worldwide. For high-tech companies with enough high-profile products in the market, there will come a time, when there is ALWAYS a "security incident" in a company's product line that is known but not yet publicly disclosed. It would not surprise me if that time has already come for companies like Intel, Microsoft, Apple, Google, etc.


    That dog has been off the porch for a long time for those four companies.