For Intel investors, the news has gone from bad to worse to a full-blown “meltdown.”
Meltdown, as we now know, is the name of a critical flaw that has lurked in Intel computer chips for years. (A related flaw, present in most processors on the market, has been given the arguably cooler, Bond-like name of Spectre.) Meltdown and Spectre raised serious alarm bells within Intel, given that hackers could exploit them to steal the most sensitive data from computers, phones and other devices in which the chips were installed.
That security issue would be headache enough for any company. But Intel compounded its problems by making public disclosures about the chip flaws that are troublesome in both substance and timing. The timing, indeed, looms large here. Intel (along with two other chip makers) was first made aware of the Spectre flaw as early as June of 2017. It was not until January 3—six months later—that Intel disclosed the flaws, and only then because its hand had been forced by media reports.
If you squint, you can possibly see justification for Intel’s long delay in disclosing what appears to be material information about its business. (The market seemed to find it material; Intel’s shares dropped 3.4 percent on the day of the announcement and 1.8 percent the next.) In Intel’s line of business, revealing the threat posed by Meltdown and Spectre too early could have, essentially, given thieves the key to the safe. Disclosure is an old problem in the security world. Whenever a researcher finds a bug, the custom is to give vendors a few months to fix the problem before it goes public and bad guys have a chance to exploit it. Six months is more than a few, but Meltdown and Spectre aren’t typical bugs, either. And even before it was forced to act, Intel had planned to disclose the flaws in early January.
Unfortunately, when it finally came, Intel’s response did not calm suspicions that it was hiding something; it inflamed them. An Ars Technica report called Intel’s initial statement “a masterpiece of obfuscation,” criticizing its deceptive attempt to minimize the security risk and for failing to acknowledge that Intel was uniquely impacted by Meltdown. It leads to an impression that Intel, at best, was tiptoeing around something.
And that’s before we even get to the insider trading issue. Intel CEO Brian Krzanich sold nearly $40 million in stocks and options in the period after Intel discovered the flaws and before it publicly disclosed them. Other aspects of the sale make the optics even worse. First, while Krzanich sold stock on a periodic basis, it was in relatively small amounts. By contrast, this sale reduced his holdings by 50 percent, down to the minimum number of shares that Intel corporate policy requires him to own. Second, Intel’s claim that the sale was part of a prearranged plan is less than satisfying. The plan in question was created on October 30, which also post-dates the company’s knowledge of Meltdown and Spectre.
Whether Intel breached a duty to disclose or Krzanich engaged in insider trading are legal issues that could be adjudicated at some point. A consumer class action has already been filed against the company, and Congress is demanding answers on the stock sale.
It will be interesting to watch those legal questions play out. At this point, we know enough to say this much: Intel, a well-established issuer, should not have put itself in the position of having to answer them.