Investor voting website down amid cyber-attack

Supporters consider options for AGM voting portal that is based on old software code

The website, which collates investor voting for company annual general meetings, is currently down amid a cyber-attack.
But, as soon as supporters find someone familiar with its antique Ruby on Rails software, it could be up again as a tool for individual investors.
However, shareholder activist James McRitchie, long a supporter of the site, said its code needs to be re-written to make it really robust again – adding it possibly needs to be hosted by an organisation with a primary focus on retail investors’ rights.
The site is currently hosted by the Sustainable Endowments Institute, a US nonprofit that is engaged in research and education to advance sustainability in operations and endowment practices.
RI also spoke to Mark Orlowski, who was one of the four founding board members of ProxyDemocracy, and is the founder and Executive Director of the Sustainable Endowments Institute, that has been hosting the site since 2015.
The reason for the site being unavailable, though, is not just about outdated code.
“It was built using 2008-2010 web programming language,” said Orlowski, “which has stood the test of time, but that’s like driving a 1970s model car. It has gone down a few times over the last couple of years, but usually for very short time periods.
“However, just a couple of weeks ago we got a notice from our web hosting company that we were under a small-scale cyber-attack. I don’t think there was anyone specifically targeting the site, law enforcement has not been involved, there’s no reason to think it’s a foreign actor trying to take down the site specifically, but there are bad actors scanning the Internet to take advantage of old servers.
“And ProxyDemocracy was found to have an older code, so they were able to use it as a vessel to do other things in the background. We don’t know how it was being used, but we were uncomfortable with the situation; and the web traffic levels were so high coming through that, if we hadn’t taken it off-line voluntarily, it would have capped out our available bandwidth. To be clear, the site wasn’t hacked or the data compromised, all the data is still there.”

Orlowski was fairly confident that they would have the site back up again within a matter of weeks, if not days.“We have taken on a developer who is investigating to see if he can bring it back online fairly soon and patch the security hole.”

“We’re hoping it will be back online within another week or two, though, of course, with the current code it will still be susceptible.”

On its future: “I would like ProxyDemocracy to be a member organisation, where the members have some say over the board of directors,” said McRitchie, “though I would still like to house it with a non-profit, so it would be a project of that non-profit.”

“We got a notice from our web hosting company that we were under a small-scale cyber-attack.”

How much it would cost to accomplish this is unclear, though McRitchie noted that it had raised $140,000 in grants back in 2010. Orlowski confirmed this plan: “We are looking for supporters and donors to help create a ProxyDemocracy 2.0. We would also like to add some more features and expand the number of funds that we track. At the same time, if there is another home for it that would be a good fit, we are open to that situation.”

McRitchie is committed to finding funding, and is confident that he will of getting at least the initial funding to get it back up again in the short term. “The idea is to get it up and running well before the next proxy season,” he said.

McRitchie said potential partners could include the likes of the American Association of Individual Investors (AAII) and BetterInvesting.
It all comes as the SEC is trying to get retail investors more involved.
The site’s value is clear, however. “Even though it was started 10 years ago,” said Orlowski, “it is still the only site of its kind, as far as we know, in the world. Despite all the tech innovations and financial services changes during the period, the public availability of this information in an easily available form starts and stops with ProxyDemocracy, as far as we are aware.” If readers would like to be informed when the site is up again, they are welcome to email the Institute and it will notify them as soon as the site is online.