Feeds

Bloomberg blocks its hacks from snooping on financial terminals

Get your stories the old-fashioned way, you lot

3 Big data security analytics techniques

Bloomberg has blocked its journalists from eavesdropping on users of its financial data terminals after it emerged that reporters were obtaining stories through their snooping.

Financial services firms, including merchant banks, pay about $20,000 a year to rent each Bloomberg terminal. Thousands of traders in stock exchanges around the world use the terminals to obtain real-time data from multiple financial markets, as well as access to news and instant messaging features.

CNN reports that a Bloomberg reporter asked a Goldman executive if a partner at the bank had recently left, after noting that the partner hadn’t logged into his Bloomberg terminal in some time. Goldman insiders later discovered that journalists at Bloomberg could access login records for Bloomberg’s proprietary terminals, as well as seeing how many times individual users had used particular functions.

Surreptitious access to the terminals had been possible for years, as a hangover from the 1990s when Bloomberg's reporters also formed part of its sales operation.

Bloomberg, which is playing down the scope of access, has responded by blocking its reporters from any access to customer data: arguably implementing controls that ought to have been applied in the first place.

“Limited customer relationship data has long been available to our journalists, and has never included clients’ security-level data, position data, trading data or messages,” Bloomberg spokesman Ty Trippet told the NY Post.

“In light of [Goldman’s] concern as well as a general heightened sensitivity to data access, we decided to disable journalist access to this customer relationship information for all clients,” he noted.

Bloomberg reporters’ ability to access subscriber information was a legacy of a period when journalists played a role in the firm's sales efforts back in the 90s.

It's unclear how often financial journalists made use of the surreptitious access but Business Insider reports that the facility was used on JPMorgan Chase during the 'London Whale' disaster last year.

The merchant bank lost more than $6bn essentially gambling on what turned out to be bad derivatives bets. Weak internal controls and poor risk management practices for allowing the London office to stake a fortune on credit default swaps positions that went pear-shaped.

Bloomberg subsequently published its story, marginally ahead of the Wall Street Journal. The newswire later moaned that the WSJ had failed to credit it in its own reports. ®

High performance access to file storage

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Ex–Apple CEO John Sculley: Ousting Steve Jobs 'was a mistake'
Twenty-nine years later, post-Pepsi exec has flat-forehead moment
Number crunching suggests Yahoo! US is worth less than nothing
China and Japan holdings worth more than entire company
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.