Re: The CIO did know to sell shares, but didn't know to patch
The CIO will be fine.
Few million golden parachute and a cushy number someone else.
Feel sorry for the poor buggers at the bottom.
Maybe, maybe not.
The way I read @Tree's comment was as referring not to the financial return the CIO made, but to the criminal act that that entails.
If the CIO knew about the breach, then sold the shares before announcing it publicly, that is criminal insider trading. And while rich business people get away with a lot, insider trading is something the SEC tends to clamp down on because it affects other rich people as well. So the CIO (and the 2 other executives who sold shares) could be facing an SEC probe into insider trading which could lead to jail time - not for the lax security that allowed the breach, but for insider trading.