- Bloomberg may show a “We’ve detected unusual activity from your computer network” CAPTCHA when requests look automated or abnormal.
- Common triggers include rapid/high-volume access, shared IPs (VPNs/proxies), and blocked JavaScript or cookies.
- For finance teams, such blocks can disrupt terminal/data workflows (e.g., BDH/API pulls) and slow time-sensitive decisions.
- Firms should manage usage patterns and licensing to avoid scraping/terms violations and maintain reliable access.
Read More
The Bloomberg prompt “We’ve detected unusual activity from your computer network” is a defensive measure designed to prevent automated or excessive requests. It is prominently accompanied by requirements to enable JavaScript and cookies and a reference ID for support. Bloomberg warns users that blocking cookies/JavaScript or making abundant rapid requests may cause such alerts.
From public and forum-based evidence, three particular behavioural triggers emerge: (i) shared or public IPs (e.g., VPNs, mobile networks), (ii) sudden shifts in usage volume or pattern—like querying many APIs in a short time without prior pattern consistency, (iii) possibly exceeding internal usage limits (e.g. terminal/data feed API quotas).
Investment banking desks and research teams often use Bloomberg data intensively—terminal functions, API requests, data pulls. If usage spikes (e.g., a big report or risk assessment requiring many BDH calls), those could trip security thresholds. For firms with workflows across many users or locations, shared IPs or remote access might worsen the risk. This could interrupt real-time decisions or slow down analysis. Institutions with proper licences (e.g., Bloomberg Anywhere) may have fewer issues but still need to manage usage patterns. [User forums]
Legally, this interacting with Bloomberg’s security systems and limits relates to topics like web scraping and automated data access. The U.S. Ninth Circuit’s hiQ Labs decision suggests that scraping publicly available content is less likely to violate the Computer Fraud and Abuse Act (CFAA) if not clearly prohibited. However, contract terms, usage agreements, and API licences often contain clauses forbidding scraping or exceeding usage thresholds, and violating those may lead to contract breach or civil liability. Institutional users must ensure compliance with Bloomberg’s terms.
Strategic implications for firms include ensuring infrastructure compliance (use of corporate IPs, avoiding excessive shared/proxy access), implementing usage monitoring internally to avoid tripping thresholds, and maintaining good relationships with Bloomberg reps to understand limits, negotiate usage, and resolve blocks swiftly. Failing to do so can lead to disruptions, blind spots in research, or competitive lag.
Open questions for firms include: What are their internal thresholds for usage volumes (e.g., API calls, terminal functions)? How is each desk’s usage pattern monitored versus Bloomberg’s accepted usage? Do teams have rights/licences (Anywhere, etc.) suitable for their location and remote work? What incident response process exists when blocks happen (who contacts Bloomberg, what steps, what wait times)?
Supporting Notes
- Primary source shows the full message: “We’ve detected unusual activity from your computer network … click … you’re not a robot”, including prompts about JavaScript, cookies, and a reference ID.
- Security commentary confirms common triggers: high request volume, shared IPs, blocking cookies/JavaScript, VPN use.
- User forum reports indicate that exceeding data/API usage limits (BDH, excel/data pulls) can lead to the same alerts.
- Legal precedent from hiQ Labs v. LinkedIn shows that public data scraping may not violate CFAA when content is publicly available—but Bloomberg’s internal licensing and anti-scraping clauses can still enforce usage limits contractually.