That’s a completely incomprehensible blunder. Did someone get access to the code internally and “open the gates”? Or was there a backdoor in the code that was activated? It’s probably not possible otherwise?
Nordnet has been updating its login method. I consider it very likely that this is not external activity, but rather a serious error occurred at Nordnet during the update. For example, the table mapping a username to an internal, technical account ID has accidentally been replaced with a test version.
Is this problem also in Sweden? In any case, Nordnet is certainly losing its customers if this mess lasts long. Furthermore, Nordnet’s service to its Finnish customers has been weaker regarding stock-related news. I also understood that we are losing to the Swedes in pricing… Is this our reward?
OK, I didn’t know about that update. What you described sounds logical, but like a fatal mistake. Of course, if we again consider the worst-case scenario vs. human factors, then that would indeed be among the best options…
The biggest security risk still seems to be the human himself, not the technical system.
Now we just hope that the money is safe. Preferably, of course, even the investments in their original places.
I would also assume that there has been a serious glitch in the database with the update, which has somehow completely messed up the mapping between login credentials and portfolios. It would be interesting to know if it was possible to place orders from another person’s portfolio. If so, I hope someone threw out my Hesuli shares, as I apparently can’t detach myself from them…
Hopefully, it was just a “view only” problem, and when making the assignment, the systems realized the user was incorrect. I recall that Steam, among others, had a similar problem, which was indeed caused by a Read-Only cache. You could see some random user’s information, but purchases used a different system, so at that point, you got an error.
What can be done with that portfolio number and name in the future? If someone has taken a screenshot of the portfolio, can they cause trouble based on these, for example, by calling support and providing the numbers etc.? So, even if the logins were fixed, there would still be a risk. And of course, personal identification numbers etc. have probably leaked at the same time.
Those crashes happen sometimes, fortunately less often. It’s worth logging in on Thursday and checking the Sampo row to see if the number of shares has increased. Nordnet is the easiest to use of all brokers and that’s enough for me for now.
The biggest problem isn’t the crash itself, but gaining access to other users’ information. And through that, potentially causing harm. If one can send messages on other people’s accounts in their name, then surely one could also, if desired, throw the shares overboard? Or buy OmaSP and Tecnotree with all the money
It’s another matter how many people realized/had time to exploit that to the extent of downloading all histories etc. I don’t think the error lasted very long, perhaps a matter of minutes?
