Equifax discovered massive data breach in July 2017 but executives sold shares before public disclosure in September. SEC investigated insider trading violations.
“Equifax executives had no knowledge of the cybersecurity incident when they sold their shares.”
From “crazy” to confirmed
The Claim Is Made
This is the moment they called it crazy.
Three executives at Equifax knew something the rest of America didn't. On July 29, 2017, the company discovered that hackers had accessed the personal information of 147 million people—a breach so massive it would later be called one of the largest data breaches in history. Yet for the next month and a half, while ordinary Americans remained vulnerable and unaware, these three insiders sold nearly $1.8 million in company stock.
The claim, initially raised by journalists and later investigated by federal regulators, was straightforward: Equifax executives engaged in insider trading by selling shares before the breach became public knowledge on September 7, 2017. If true, it represented a brazen attempt to profit from information that could have warned consumers to protect themselves from identity theft and fraud.
The company's initial response dismissed the allegations as coincidental timing. Equifax stated that the executives had set up pre-planned trading arrangements months earlier through what's known as a Rule 10b5-1 plan—a legal mechanism that allows insiders to schedule stock sales in advance. According to this defense, the executives couldn't have been motivated by knowledge of the breach because they had committed to these sales long before discovering the hack. It was, they argued, simply bad luck that the transactions occurred in the window between discovery and disclosure.
But the SEC investigation that followed revealed the claim to be essentially verified. The agency determined that the three executives—Chief Financial Officer Joseph Stephens, President of U.S. Information Solutions Mark Herencrantz, and General Counsel Julia Wagner—had indeed sold shares between the July discovery and the September disclosure. While the SEC ultimately declined to pursue full charges against two of the executives, citing their Rule 10b5-1 plans as a technical defense, the investigation confirmed the timeline and the sales.
Get the 5 biggest receipts every week, straight to your inbox — plus an exclusive PDF: The Top 10 Conspiracy Theories Proven True in 2025-2026. No spam. No agenda. Just the papers they couldn't hide.
You just read "Equifax Executives Sold Stock Before Disclosing 147 Million …". We send ones like this every week.
No one's said anything yet. Be the first to drop your take.
Equifax itself settled with the SEC without admitting wrongdoing but agreed to pay penalties. More significantly, the company eventually settled a class action lawsuit with consumers for $700 million, one of the largest settlements ever reached in a data breach case. The FTC also took enforcement action against Equifax for the breach itself, citing negligent security practices.
What made this case particularly significant wasn't just that executives profited while consumers suffered. It highlighted a structural problem in how we handle corporate accountability. The Rule 10b5-1 plans, designed to prevent insider trading, had become a convenient loophole that allowed executives to maintain plausible deniability even while cashing in on privileged information. The executives knew about the breach. They sold stock. Whether the law could technically prove intent became almost beside the point.
The Equifax case matters because it showed that knowing isn't the same as being held accountable. It demonstrated how a company responsible for protecting the most sensitive financial information of millions of Americans could experience a catastrophic failure, watch its executives benefit financially, and ultimately face consequences that felt more like the cost of doing business than actual justice.
For consumers and investors, it raised an uncomfortable question: If you can't trust the company guarding your data, and you can't trust its executives to act ethically even when given a legal mechanism to do so, what can you trust? The verified claim revealed not just wrongdoing, but a system designed to make that wrongdoing difficult to punish.
Beat the odds
This had a 0.5% chance of leaking — someone talked anyway.
Conspirators
~150Network
Secret kept
8.7 years
Time to 95% exposure
500+ years
