Equifax says executives who sold $1.8m in stock before hack disclosure didn't commit insider trading

Equifax said four of its executives who sold shares before the company disclosed a massive data breach did not engage in insider trading. In September, the credit reporting company revealed it suffered a massive breach over the summer that compromised valuable personal and financial information of 145.5 million Americans.

The record-breaking breach occurred between mid-May and July. It was eventually discovered by Equifax on 29 July.

Just days after the company discovered the breach, some of its senior executives, including its chief financial officer and president of US information solutions, sold $1.8m (£1.4m) in shares,weeks before the hack was made public.

However, according to a report by a special committee set up by Equifax to investigate the issue, the four executives – CFO John Gamble, president of US information solutions Joseph Loughran, president of workforce solutions Rodolfo Ploder and senior vice president of investor relations Douglas Brandberg – were not aware of the attack when they sold their shares.

Equifax said Gamble first learned of the breach during a "management offsite meeting" on 10 August, nine days after his trade cleared, Equifax said.

Loughran learned "at a general level" that there was a "security issue" being investigated on 13 and 15 August – days after he executed his cleared trades on 1 August. He later learned details of the breach on 22 August during a "Senior Leadership Team meeting".

Ploder requested preclearance to sell 1,719 shares, approximately 3.7% of his holdings, on 1 August. His trade was executed on 2 August, three weeks before he learned of the breach on 22 August. Brandberg sold 1,724 shares on 2 August and later learned of the security issue around 14 August, Equifax said.

The special committee conducted 62 interviews and reviewed more than 55,000 documents including emails, text messages, phone logs and other records as part of the probe.

Based on its review, the special committee concluded that none of the senior officers "had knowledge of the security incident's existence as of the date of their preclearance requests or the date of their trades."

"I'm grateful for the timely and thorough review by the Special Committee of this important matter," non-executive Chairman Mark Feidler said in a statement. "The Board takes very seriously any allegation of insider trading. It is critically important for the public, our shareholders, our customers and our employees to know that we will not tolerate any violation of Company policy or the law regarding the trading of securities. The conclusion that the Company executives in question traded appropriately is an extremely important finding and very reassuring."

The US Department of Justice is conducting its own separate probe of the trades.

Equifax has drawn intense scrutiny and criticism since the disclosure of the massive hack. The breach exposed a trove of data including customers' names, birthdays, addresses, Social Security numbers and driver's license numbers. The company said hackers exploited a months-old Apache web server flaw to carry out the attack.

It also triggered multiple federal and state-led investigations along with a number of class action lawsuits.

Last month, former CEO Richard Smith, who stepped down in September, was grilled by lawmakers over the breach and the company's handling of the issue.