ATLANTA -- Equifax, the credit report company hacked over the summer exposing the personal information of 145 million Americans, said a special committee has determined that none of the four executives who sold shares at the time did anything wrong.
The high-level executives sold shares worth a combined US$1.8 million in the days immediately after the company discovered the breach.
When Equifax went public with the breach in early September, company shares cratered, erasing about US$2.35 billion of its market value.
The company revealed that an ongoing cyberattack lasted from mid-May to July. Equifax Inc. said it detected the hack on July 29.
On Aug. 1 and Aug. 2, Equifax Chief Financial Officer John Gamble and three other executives sold a combined US$1.8 million in stock.
The company said Friday that a special committee comprised of independent directors, and advised by an independent counsel, found that none of the executives had knowledge of the breach when their trades were made.
The committee's review included dozens of interviews and the scouring of more than 55,000 documents including emails, text messages, phone logs and other records.
The report Friday is unlikely to relieve pressure on the beleaguered company, which badly bungled the response to the hack.
Investigators will want to know how a breach of this size and scope could have occurred, without the knowledge of some of the company's highest executives.
Faith in the leadership and the security of private information eroded in the weeks after the attack.
Anxious consumers experienced jammed phone lines and clueless company representatives. An Equifax website set up to help people determine their exposure was described as sketchy by security experts. The site provided inconsistent and unhelpful information to many. The company blamed the problems of an online customer help page on a vendor's software code after it appeared that it had been hacked as well.
High-level executives, including CEO Richard Smith, have already stepped down.
The internal report did not appear to ease the apprehension of those who hold company stock. Shares were essentially flat on Friday.
That's because it is the Securities and Exchange Commission, the federal agency that enforces securities laws, which will have the final say.
SEC Chairman Jay Clayton has refused to comment when asked by lawmakers if executives at Equifax engaged in insider trading when they sold their shares. He has not confirmed or denied that the SEC is investigating.
Smith, the former Equifax CEO, appeared before Congress to answer questions from lawmakers, but they were far from satisfied with the answers they received.
The Atlanta company is under multiple state and federal investigations and has been sued by numerous customers in litigation likely to evolve into class-action lawsuits.
What makes the data breach so dangerous is the information that Equifax holds. Social security numbers, identification, addresses and personal information held by Equifax and the two other, major credit agencies is used to determine a person's creditworthiness.