wikinvest whoops

Here’s a sobering computer security story. So I signed up up for wikinvest.org about two days ago, but didn’t immediately receive a confirmation email. Then this afternoon I did… along with a second message saying my brokerage account had been added. That’s odd, I though; I didn’t link my brokerage account. I opened the email, which said in part:

You’ve successfully added the following accounts to your Wikinvest portfolio :
Account: Morgan Stanley Smith Barney Acct ***688A
Account: Morgan Stanley Smith Barney Acct ***687A
Account: Morgan Stanley Smith Barney Acct ***673A

What? I don’t even have brokerage accounts with Morgan Stanley. But when I logged in, the accounts were there:

wikinvest

Pretty wacky, right? Whoever’s account this is has $582,822 in the market, mostly in ETFs. (They’re down $8,000 on the day, at least as of this writing). And no, I can’t access this account or withdraw from it or anything like that, even if I wanted to. Or see who really owns it. But still seems like a pretty stunning bug by Wikinvest… [or maybe not; see below]

UPDATE 1/20/2011: Okay, I just chatted with one of the head honchos at Wikinvest. What actually apparently happened is a bit of a bizarre coincidence. Someone with a very similar email address to mine I guess signed up for the service around the same time I tried to, apparently giving them my email address rather than his. That explains why I didn’t get a confirmation email until a few days later… when he tried to get in and reset his account. Whooops. I know it sounds far-fetched but I believe it — the account username I received was a letter off the one I usually use. I had thought it was a typo on my part, but apparently not.

1 comment to wikinvest whoops

  • Irene Luc

    Hey
    I m so surprised reading this
    and moreover even more siurprisingly N B has commented on this here comment of yrs
    i recently discovered that my fictional gains supposedly dropped by 100 perecnt fr the 19th to 20 OCTOBER 2013,,
    this doesnt seem real more like a bug
    After all …
    anyone same experience?

Leave a Reply

  

  

  

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>