Black holes lost a mentor yesterday as Stephen Hawking died. While Hawking’s stature no doubt merits a full blog post on its own, when someone holds the same academic chair as Sir Isaac Newton and also plays himself on an episode of Star Trek: The Next Generation; there is probably not much more that can be added. Like most non-scientist Americans, I was introduced to Dr. Hawking through his international best-selling book “A Brief History of Time: From the Big Bang to Black Holes,” published in 1988. It has sold more than 10 million copies and inspired a documentary film by Errol Morris. His own story was the basis of an award-winning 2014 feature film, The Theory of Everything. He also had Lou Gehrig’s disease (ALS) for over 50 years.

According to his obituary in the New York Times (NYT), Perhaps the most famous theoretical scientist since Einstein (I would add – certainly since Richard Feynman), Hawking was the baby boomer “generation’s leader in exploring gravity and the properties of black holes, the bottomless gravitational pits so deep and dense that not even light can escape them… In a long and daunting calculation, Dr. Hawking discovered to his befuddlement that black holes — those mythological avatars of cosmic doom — were not really black at all. In fact, he found, they would eventually fizzle, leaking radiation and particles, and finally explode and disappear over the eons.”

I thought about Hawking and his work on black holes, when I read about the day the Securities and Exchange Commission (SEC) had yesterday. One very famous business person agreed to a civil SEC Complaint over some very troubling, fraudulent conduct. The second event was a criminal complaint for insider trading filed against a high ranking senior executive of Equifax.

Elizabeth Holmes first. Holmes was one of the most famous women to come out of Silicon Valley. She founded Theranos, hyped the fraudulent blood testing scam and became for a short time a billionaire. Now all of that is gone, gone, gone. According the SEC Compliant, Holmes agreed to a civil penalty of $500,000, returned some 18.9 million shares that she obtained during the fraud and relinquished her voting control of Theranos by converting her super-majority Theranos Class B Common shares to Class A Common shares. Oh, and she is banded for 10 years from holding office in a publicly traded company.

According to the Complaint, Holmes, and its former President and Chief Operating Officer (COO), Ramesh “Sunny” Balwani, and the company itself, “raised more than $700 million from late 2013 to 2015 while deceiving investors by making it appear as if Theranos had successfully developed a commercially-ready portable blood analyzer that could perform a full range of laboratory tests from a small sample of blood. They deceived investors by, among other things, making false and misleading statements to the media, hosting misleading technology demonstrations, and overstating the extent of Theranos’ relationships with commercial partners and government entities, to whom they had also made misrepresentations.”

Theranos promised to more than disrupt the blood testing industry; it promised to completely transform it. Through its proprietary technology, Holmes claimed the company could analyze literally a pinprick of blood in a drug store or even grocery store setting with a wide variety of general chemistry tests, wellness tests, and some predictive and diagnostic health tests. Theranos heralded the end of laboratory testing as we know it. Now for just a few dollars and a single pin pricked finger, you could obtain a suite of health information. Too bad it was all one big fraud.

The smoke and mirrors were that the Theranos equipment not only could not run the 200+ plus tests Holmes boasted of but could not run any tests. Theranos solution was to purchase blood testers from other third parties and run the tests on those modified machines, all out of the watchful eyes of investigators and investors. It was fraud on a massive scale, for which Holmes was richly rewarded in salary and stock.

Perhaps the final word should come from Jina Choi, director of the SEC San Francisco Regional Office, who said in a statement, “The Theranos story is an important lesson for Silicon Valley. Innovators who seek to revolutionize and disrupt an industry must tell investors the truth about what their technology can do today, not just what they hope it might do someday.” Holmes neither admitted nor denied the facts laid out in the Compliant. She may find herself in the black hole of litigation for many moons however.

The Equifax matter was equally head-turning. In another civil complaint filed yesterday, the SEC alleged that a former executive, international Chief Information Officer (CIO) Jun Ying, of insider trading after he sold stock just before the massive hack affecting 147 million individuals was publicly disclosed. According to an article in Forbes.com by Thomas Fox-Brewster (fab name but not related), entitled “How Equifax Kept Its Mega Breach Secret From Its Own Staff”, the bombshell revelation in the SEC Complaint was described by its title, that Equifax literally hid from its own employees the fact that it had been hacked. Fox-Brewster went on to note, “A source close to the Equifax breach confirmed that some staff were not informed of the real name of the victim as the company tried to compartmentalize what was known in the  to the public release. But, the source said, it was standard practice and nothing resembling a cover-up.” [Emphasis mine]. I somehow doubt that either the SEC or any other US or foreign regulator who looks at this matter will conclude that last statement.

Ying’s Complaint alleges that Equifax initially discovered unusual activity in late July 2017 but did not disclose the breach to the public until September 2017. The company created two teams to work on the problem, Project Sierra to deploy security measures to stop the breach and Project Sparta to design remediation measures. Only employees on Project Sierra knew that the company had been breached. Employees on Project Sparta were told they were working a client’s breach. Ying was on Project Sparta.

On August 25, Ying and his team were told that an emergency had arisen, and they would have to work late on a Friday. Ying called the CIO and, as noted in the Compliant,

“30. During the call, the global CIO told Ying that Ying was expected to comply with the requests. The global       CIO also told Ying that, at that time, Ying did not need to know why he had to comply, but that at some point, Ying would understand what was happening.

  1. At 5:27 p.m., Ying texted the direct report he had communicated with earlier, writing: “On the phone with [global CIO]. Sounds bad. We may be the one breached. . . . Starting to put 2 and 2 together.”

Ying did indeed “put 2 and 2 together” to figure out that it was Equifax which had been hacked. As it was now Friday night, he could not sell any stock but by 10 AM the next Monday, Ying had managed to exercise options worth almost $950,000 before the company publicly announced the hack and data breach. The Complaint state, “By selling Equifax shares before its cybersecurity breach was publicly disclosed, Ying avoided more than $117,000 in losses that he would have suffered had he not sold until after the news of the breach became public.” Perhaps Ying thought he survived the Equifax black hole. Then again maybe not.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2018

0 comments