The Equifax data breach was one of the worst data breaches ever. Adding insult to injury, the Equifax reaction violated many PR crisis 101 rules which didn't help with their reputation management.
What they did wrong:
Delayed Response: Equifax uncovered the breach on July 29 but publically announced in early Sept. No,no,no.
Stock Unload: Three Equifax executives unloaded stock three days after the company discovered the breach. Hmmm. No.
Take Me To Your Leader: Triaging top management is crisis management 101. However, the company's high-level executives, the company claims, were unaware of one of the largest data breaches ever. EVER?
Sort of An Apology. Reputation management calls for a sincere apology and assumed responsibility. The Equifax press release did none of this.
Your Customers. Equifax created a website where consumers can learn if their information was compromised. Equifax offered to provide anyone its identity protection service, TrustedID, for free. However, anyone agreeing to the terms of service foregoes their right to sue Equifax and file or join a class action lawsuit.
The Equifax crisis management fell short. This is a case study in how NOT to handle a data breach crisis.
No comments:
Post a Comment