Did Wall Street Get Hacked, Back Away or Just Get Overwhelmed on Monday?

By Pam Martens and Russ Martens: February 8, 2018

Wall Street Bull Statue in Lower Manhattan

Wall Street Bull Statue in Lower Manhattan

The U.S. Senate Banking Committee needs to get its act together and immediately schedule hearings on the trading outages that occurred at numerous discount brokers and mutual funds on Monday. According to thousands of on-line complaints, customers of major firms like TD Ameritrade, Fidelity, Vanguard, and T. Rowe Price could not access their accounts using the firms’ websites on Monday and thus could not place sell or buy orders as the market dove 1,597 points in mid afternoon, then partially recovered to close down 1,175 points.

At online outage tracker, downdetector.com, both TD Ameritrade and Fidelity were verbally brutalized by outraged customers, many of whom said they had lost thousands of dollars as a result of the outage. Others commenters were stirring up momentum for a class action lawsuit.

Complaints against Fidelity included this one from a poster calling himself Lee Yih:

“The Fidelity Active Trader Platform finally loaded after 80 minutes of trying. I put in 4 orders, but nothing. No indication of orders received, no indication of an execution. I do have the order numbers, however. The website should not be giving the appearance it is up, when orders entered are swallowed up and we do not know where we stand. I called them and waited for 32 minutes on hold before giving up.”

The posts against TD Ameritrade included many people who said they were fed up and planning to find a new broker. A woman identifying herself as Stephany Crawford wrote:

“CLASS ACTION LAWSUIT! We need to make them pay for all our losses while the system’s been down. It is their fault. They cannot deny that. Let’s make them accountable!!! Gary and I have lost thousands of dollars because of this! Count us in!!!!!!!!!!!”

Angry Vanguard customers who were blocked from trading took to the popular BogleHeads.org (named after the founder of Vanguard, John Bogle) to vent their outrage. One customer, using the online ID of “Choy,” expressed what was on millions of Wall Street investors’ minds. He wrote:

“C’mon guys. It’s not a bug. It’s a feature. They call it ‘stay the course protection’ for days like this.”

Indeed, customers who called into the biggest Wall Street brokerage firms like Merrill Lynch, Morgan Stanley, Wells Fargo and UBS to seek advice from their financial advisors were more likely than not to receive the well-worn response to stand pat. That advice typically goes like this: “you’re in it for the long haul”; “you’re a long term investor, don’t let market gyrations upset your long-term goals”; or “your portfolio is well diversified, you have no reason to panic.” (If you’re in your 30s that might be fine advice. If you’re within ten years of retirement or you are overweighted in stocks or stock mutual funds, you might want to get a second opinion.)

Measured on a point loss basis, Monday’s decline was the largest in Dow history. On a percentage basis, it pales in comparison to the 22.6 percent decline on October 19, 1987.  The complaints in 1987 about brokers not answering their phones and backing away from accepting trades sounds uncannily similar to the current complaints. According to the Federal Reserve’s archives, here’s what happened on October 19, 1987:

“Market makers in the over-the-counter market were not obligated to maintain an orderly market and many withdrew from trading. Delays in processing trades resulted in investors receiving prices very different from what they expected. Many brokers did not answer their phones, leaving investors unable to reach them. Erratic price movements and quotes resulted in frequent lock-ups in the electronic trading system used in the over-the-counter market.”

There is one more dangerous and troubling aspect to Monday’s market action. According to reporting by Donna Fuscaldo at Investopedia, the network monitoring company, Thousand Eyes, says it “saw evidence of a DDoS attack – otherwise known as distributed denial of service attack. With a DDoS attack, a hacker tries to make a website inoperable by bombarding it with traffic from multiple sources.”

Fuscaldo writes further:

“According to ThousandEyes, it saw a spike of high data loss in a major internet service provider and DDoS mitigation provider networks for 20 minutes, which it said could have been an attack that was detected and taken care of. After that, there was around 40 minutes in which the infrastructure of financial services sites were ‘overwhelmed.’ “

Thousand Eyes is not just any ole network security firm. According to its website, its customers include “the nation’s two largest banks, the second largest insurer and the second largest wealth manager.”

Congress and the Department of Justice have invested thousands of hours looking into Russian hacking in our elections. Surely the operation of America’s financial system is worthy of an equally intense investigation.

Bookmark the permalink.

Comments are closed.