A few days after the New York Post revealed that Bloomberg reporters had been using terminals to watch Goldman Sachs and other banks, the Financial Times has apparently unearthed another unrelated security breach. According to FT, over ten thousand confidential messages sent through Bloomberg terminals have been online for years, findable through a Google search. Though they've now apparently been taken down, two lists are said to have contained messages scraped from "dozens" of banks and their clients, including things like how much clients were paying for bonds.
This alleged leak is unrelated to Bloomberg News' snooping, which the outlet's editor-in-chief has called "inexcusable." So how did the messages, which are pulled from one day in 2009 and an unknown timeframe in 2010, get online? According to FT and a Bloomberg spokesperson, they were initially a data set willingly given to Bloomberg by banks in order to help improve data mining. But while an employee apparently meant to upload the messages to a secure server, they went to the broader internet instead. Said employee left Bloomberg in 2011, and it's not known precisely when the upload happened.
Before FT found the data sets, they don't seem to have been widely known, so the concrete harm from this leak may be minimal. A Bloomberg spokesperson has said that if such a breach occurred, however, it "would have been a clear violation of our policies" and could not happen with today's more advanced terminals. The greatest damage may be to Bloomberg itself, which is attempting to rebuild credibility after shutting down reporters' access to its terminals.