Insider trading accusations have been leveled in both the Equifax mega breach and the Intel Spectre and Meltdown security vulnerability.
Large stock sales happened among some Equifax executives before the public breach announcement. And Intel's CEO sold his holdings down to his contractual minimum the day the firmware problem was shared with key customers.
Investigations in these cases will be playing out for awhile. But the U.S. Securities and Exchange Commission (SEC) issued guidelines for public companies and their executives who have knowledge of a breach or cyber incident: this would be a bad time to sell your stock.
"Public companies should have policies and procedures in place to (1) guard against directors, officers, and other corporate insiders taking advantage of the period between the company’s discovery of a cybersecurity incident and public disclosure of the incident to trade on material nonpublic information about the incident, and (2) help ensure that the company makes timely disclosure of any related material nonpublic information. In addition, we believe that companies are well served by considering the ramifications of directors, officers, and other corporate insiders trading in advance of disclosures regarding cyber incidents that prove to be material."
You can read the SEC's Statement and Guidance on Public Company Cybersecurity Disclosures for more information on insider trading and how companies should prepare investors for the material risks that cyber incidents present.