Matthew Winkler, editor-in-chief of Bloomberg News, apologized on Monday for allowing journalists “limited” access to sensitive data about how clients used Bloomberg terminals, saying it was “inexcusable”, but that important customer data had always been protected.

His statement came as the European Central Bank said it was in “close contact with Bloomberg” about any possible breaches in the confidentiality of data usage.

The U.S. Federal Reserve is also investigating, and a source briefed on the situation said the Treasury Department was looking into the question as well.

The practice of giving reporters access to some data considered proprietary, including when a customer looked into broad categories such as equities or bonds, came to light in media reports last week. In response, the parent company, Bloomberg LP, said it had restricted such access last month after Goldman Sachs Group Inc. complained.

In an editorial posted on Bloomberg.com, Winkler said, “Our reporters should not have access to any data considered proprietary. I am sorry they did. The error is inexcusable.”

Goldman flagged the matter to Bloomberg after the bank found that journalists had access to more information than it had known and argued the information was sensitive and should not be seen by reporters.

The news triggered fears at Wall Street firms about the privacy of sensitive data, as well as at the Fed and other U.S. government departments that use Bloomberg terminals.

In the editorial, Winkler sought to clarify what exactly Bloomberg journalists could see. He said they had access to a user’s login history, as well as “high-level types of user functions on an aggregated basis, with no ability to look into specific security information.”

He said the practice dated back to the early days of Bloomberg News in the 1990s, when reporters used the terminal to find out what kind of news coverage customers wanted.

“As data privacy has become a central concern to our clients, we should go above and beyond in protecting data, especially when we have even the appearance of impropriety,” Winkler wrote. “And that’s why we’ve made these recent changes to what reporters can access.”

The company’s damage-control efforts encountered a potential setback later on Monday when the Financial Times reported that thousands of private messages, sent over Bloomberg terminals in 2009 and 2010, were uploaded to an unsecure online site, apparently by accident.

The messages, sent between traders at some of the world’s largest banks and their customers, contained confidential financial price information and trading activity, the newspaper reported. They were later removed from the site.

The Financial Times article quoted a Bloomberg spokesman as saying, “This work was done with client consent, where emails were explicitly forwarded to us to a dedicated email account and released by the person responsible for the email so that we could conduct internal testing to improve our technology for the client.”

A company spokesman declined further comment when contacted by Reuters.

Bloomberg’s Book

Data security was an issue that company founder Michael Bloomberg wrestled with in his 1997 book, “Bloomberg by Bloomberg.” In general, he wrote, restricting access to proprietary information can be an ineffective exercise.

Often “the whole data security issue is overblown at most corporations that think they have a lot to guard,” wrote Bloomberg, who has been mayor of New York City since 2002. “Pilferage and leakage are costs of doing business. Live with them. While some restrictions make sense, many are ridiculous.”

When asked at a news conference on Monday about the current controversy, Bloomberg said he could not comment because of his agreement with the city’s conflicts of interest board. The mayor, who Forbes has said has a net worth of $27 billion, has not been involved in the day-to-day operations of Bloomberg LP for nearly a dozen years.

In his statement, Winkler emphasized that Bloomberg News “has never compromised the integrity of that data in our reporting” and said Bloomberg journalists are subject to standards that are among the most stringent in the business.

“At no time did reporters have access to trading, portfolio, monitor, blotter or other related systems,” he said. “Nor did they have access to clients’ messages to one another. They couldn’t see the stories that clients were reading or the securities clients might be looking at.”

Even though the information available to Bloomberg reporters was limited, senior Goldman executives argued that a trader could profit just by knowing what type of securities high-profile users were looking at, or what questions a government official raised with Bloomberg’s help desk, people with direct knowledge of their views said.

The issue made people inside the bank uncomfortable with even the Bloomberg marketing and sales team’s access to information, the sources said.

In disclosing the new restrictions set last month, Chief Executive Daniel Doctoroff said Bloomberg had created the position of client data compliance officer to ensure that its news operations never have access to confidential customer data.

Closely held Bloomberg, which competes with Thomson Reuters, the parent of Reuters News, gets the bulk of its revenue from terminal sales to financial institutions.

Bloomberg has more than 315,000 terminal subscribers globally, with each Bloomberg terminal costing more than $20,000 a year. Last year it posted revenue of $7.9 billion.

In a statement on Friday, Thomson Reuters said its news division operates “completely independently, with reporters having no access to non-public data on its customers, especially any data relating to its customers use of its products or services.”

Reporting By Jennifer Saba, Lauren Tara LaCapra and Daniel Trotta; Writing by Frank McGurty; Editing by Ciro Scotti and Leslie Gevirtz)