Equifax officials under investigation following stock sales: report

Click to play video: 'Equifax reportedly knew for months about cyber-security vulnerability'
Equifax reportedly knew for months about cyber-security vulnerability
Equifax reportedly had two months to prevent its massive data breach, but failed to install a software fix. Cybersecurity experts say a patch for the flaw was issued in March. Hackers didn't start stealing the sensitive information of up to 143- million Americans until May – Sep 15, 2017

The problems for Equifax just keep piling up.

The U.S. Justice Department has opened up a criminal investigation into the sale of Equifax stocks before the hack was announced – but after the hack was discovered – Bloomberg reported Monday, according to unnamed sources.

That news comes along with the dozens of class action lawsuits, from Canada and the U.S., and the investigations from both Canada’s Office of the Privacy Commissioner and the FBI.

The U.S. Justice Department wouldn’t confirm the investigation into insider trading, saying only that they were helping the FBI with its investigation.

“The U.S Attorney’s Office for the Northern District of Georgia is working with the FBI to conduct a criminal investigation into the Equifax breach and resulting theft of personal information,” U.S. Attorney John Horn said, in an emailed statement to Global News.

Story continues below advertisement

Equifax told the public of a data breach that affected 143 million Americans, less than 400,000 Brits, and an unknown amount of Canadians on Sept. 7.

Financial news and insights delivered to your email every Saturday.

The company says it discovered the security breach on July 29, six weeks earlier.

WATCH: Massive cyber-attack at Equifax could leave millions vulnerable 

Click to play video: 'Massive cyber-attack at Equifax could leave millions vulnerable'
Massive cyber-attack at Equifax could leave millions vulnerable

John Gamble (chief information officer), Joseph Loughran (president of U.S. information solutions), and Rodolfo Ploder (president of Workforce Solutions), sold around US$1.8 million in shares on August 1 and 2.

In a statement released after the disclosure of the hack, Equifax said the three executives “had no knowledge that an intrusion had occurred at the time they sold their shares.”

Equifax’s shares dropped significantly in the ten days since the hack was announced: around 35 per cent.

Story continues below advertisement

Bloomberg says the Justice Department is looking at the sale of the stocks.

The security breach was a result of a framework vulnerability that was corrected by the software manufacturer in March 2017, but wasn’t updated on Equifax’s system.

Equifax officials said earlier that they are working with the FBI in their investigation. In response to a request for comment on Monday, officials told Global News they are working with the Office of the Privacy Commissioner and would be releasing an update to Canadians this week.

Last week, Equifax announced late Friday that its chief information officer and chief security officer would leave the company immediately. Susan Mauldin, who had been the top security officer, and David Webb, the chief technology officer, are retiring. Mauldin, a college music major, had come under media scrutiny for her qualifications in security. Equifax did not say in its statement what retirement packages the executives would receive.

*With files from the Associated Press

Sponsored content