Private messages of Bloomberg clients end up online
Posted on 15 May 2013.
Mere days after Bloomberg News admitted that its journalists could access some client information via the company's financial terminals, it has been revealed that the company inadvertently leaked on the Internet over 10,000 private messages exchanged by its clients.

Financial Times reports that the messages in question were found by a unnamed financial markets professional via a simple Google search, and that they were online for a number of years, accessible to anyone who knew what to look for. After the FT inquired about them, they were taken down.

Apparently, although containing confidential information such as the names and email addresses of the traders that exchanged them, their trading activity, price information, and even their unique Bloomberg user identifiers, the company had permission to collect and use the messages.

“This work was done with client consent, where emails were explicitly forwarded to us to a dedicated email account and released by the person responsible for the email so that we could conduct internal testing to improve our technology for the client,” a Bloomberg spokesman stated. Still, it doesn't say that they were allowed to put it on the Internet.

In fact, it seems that the (now former) employee that was working on the project intended to upload the messages on a secure website, but how they ended up where they were has still not been explained.

It remains to be seen whether this was done on purpose or by mistake, but one thing is sure: the company has a lot of apologizing to do. Actually, they have already started. Bloomberg CEO Dan Doctoroff and other executives have been contacting clients and apologizing for letting journalists access their information, dubbing the whole thing as a "mistake".


(IN)SECURE Magazine issue 45 released

(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Learn about personal data bankruptcy and the cost of privacy, security and compliance, delivering digital security to a mobile world, and much more.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Mar 4th