In House - The FindLaw Corporate Counsel Blog

Equifax Top Lawyer Facing Scrutiny

John Kelley, chief legal officer at Equifax, probably saw it coming.

We're not talking about the data breach that compromised financial information of more than 145 million Americans. Who could have known that, except perhaps the people hacking into the company's system?

But Kelley probably foresaw the backlash from the data debacle -- especially since he approved $1.8 million in stock sales by Equifax executives just before the company disclosed the breach.

Cybersecurity

According to reports, Kelley is now at the center of the Equifax mess. He was in an unusual position even before the biggest breakdown in the company's 118-year history.

Kelley has traditional legal responsibilities at Equifax, but his cybersecurity role differs from peers at rival credit-reporting companies.

"Equifax put the chief legal officer in charge of cybersecurity so that the chief security officer would report to an unbiased executive, someone who didn't have to choose between IT and cybersecurity when allocating money," the Journal reported.

Now Congress is holding hearings to find out what Equifax did to defend against the cyberattack. Lawmakers also want to know about the stock sales Kelley approved before the breach became public.

Stock Sales

Equifax says the executives who sold shares on Aug. 1 and Aug 2 did not know about the data breach before the transactions. Kelley, however, may have known.

Security staff discovered the breach on July 29, the Wall Street Journal reported. Kelly oversaw security and was responsible for approving the sales.

Kelley is a former partner at King & Spaulding. He joined Equifax in 2013, and his compensation was $2.8 million last year.

Related Resources: