Officials at the Federal Reserve, Treasury Department and some of the nation’s largest financial firms are assessing whether their use of Bloomberg News’ ubiquitous financial data terminals has exposed them to a potential privacy breach.
Bloomberg News, the worldwide news organization founded by New York Mayor Michael Bloomberg, acknowledged late last week that its reporters used the company’s terminals to access personal information about subscribers, including Wall Street traders and other financial professionals.
The New York-based company said the practice — which appears to have been routine for more than two decades — was used to retrieve mundane facts, such as log-in and contact information of its data-services clients. The company said its reporters did not have access to sensitive private information held by clients, such as financial trades or takeover targets.
It said it was unaware of any stories based directly on the information its reporters had gleaned by peering into the terminals. Banks such as Goldman Sachs and JPMorgan Chase have expressed concerns over Bloomberg’s actions.
Bloomberg’s reporters were routinely able to see basic information about the company’s 315,000 data-services subscribers via the terminals that are the heart and soul of Bloomberg LP, the company founded by Bloomberg in 1982. (Bloomberg stepped away from the company before being elected.)
The screens feed a river of financial data — commodities and stock prices, bond yields, breaking news — to guide traders in their decisions. Financial firms, news organizations and others lease the terminals for $20,000 per year, making it a multibillion-dollar business and the source of Bloomberg’s vast personal fortune.
Reporters for Bloomberg News, the company’s newsgathering operation, have been able to see when subscribers logged into the terminals ever since the news service was founded in 1990. They could also access electronic messages sent between clients and Bloomberg’s customer-service department, though not messages between clients.
The log-in, contact and customer-service chat functions were installed to help Bloomberg’s sales force serve subscribers and answer their questions, not to help reporters gather information, said one person involved in the operation, who spoke on condition of anonymity because he wasn’t authorized to speak about it.
The mechanism, known as the “Z” function, also enabled Bloomberg reporters to view which broad categories of information subscribers were viewing — such as news or stock data — though they couldn’t see the specific stories a client was reading or which stocks traders were researching.
The breach came to light last month after a Bloomberg reporter in Hong Kong asked executives at Goldman Sachs whether a Goldman employee had left the firm, based on the fact that the employee hadn’t logged into his Bloomberg terminal in weeks. The investment firm complained to Bloomberg.
As a result, Bloomberg said it cut off its reporters’ access to client information. As of Friday, no reporter had been fired, a company spokesman, Ty Trippet, said.
One person familiar with the matter at JPMorgan, who spoke on condition of anonymity in order to talk frankly about internal matters, said numerous Bloomberg reporters had contacted the firm in recent years to inquire whether employees who had not signed into their terminals recently were still employed by the company. Some of those inquiries dealt with trader Bruno Iksil, nicknamed the “London Whale,” who shouldered the blame for a disastrous $6 billion trading loss at the company last year.
“They would call and say that this person hasn’t logged in for a long time, are they still there?” the person recalled. “The reporters were very open about the fact they’d use this one function. They were very open that they had access to this information. We expressed our frustrations to the reporters . . . But we didn’t think they had access to anything else.”
In one case, the person said, a reporter noticed that several members of a particular trading desk had not logged on lately and asked the company whether it had begun layoffs.
The Federal Reserve in Washington and the Treasury Department, each of which lease Bloomberg terminals, have contacted the company to ask about the nature and extent of the breach, according to two people familiar with the inquiry.
Scott Talbott, the chief lobbyist for the Financial Services Roundtable, which represents the nation’s largest financial firms, said his group has heard “rumblings and disgruntlement” from Wall Street sources since the news broke in a New York Post story on Friday.
“The biggest worry is that the reporters were able to decipher the analysts’ stock strategy,” said Talbott. “There were just concerns about the breadth and depth of the intrusions . . . From a trader’s standpoint, your strategy is everything.”
Talbott added that privacy is a central tenet of Wall Street. “Privacy is paramount,” he said. “Privacy is key.”
In a note posted on a Bloomberg blog on Friday, Bloomberg chief executive Daniel Doctoroff wrote, “Although we have long made limited customer relationship data available to our journalists, we realize this was a mistake.”
Bloomberg News has grown from a handful of journalists in New York into one of the world’s largest news organizations, with 2,400 people reporting from bureaus in 72 countries. In addition to a financial-news television channel that competes with CNBC and Fox Business Channel, Bloomberg News also operates Bloomberg Government, which reports extensively on Washington politics and federal agencies.
Bloomberg News hasn’t reported about the data breach since the New York Post broke the story on Friday. A spokesman said the company’s policy is not to cover itself.