How to Handle Customers in the Wake of Cyber Attacks
Recent cyberattacks once again demonstrated that they can happen to any company at any time. Shortly before a British teenager was identified as one of the culprits of a cyber attack on Florida-based SeaWorld, two educational institutions, a state health agency, and a grocery store chain in California all announced being victims of data breaches.
In the California cyber attacks, the health records and personal information of more than 1,000 patients were compromised — leading the Palm Beach County Health Department to urge those people to take measures to obtain free credit monitoring services.
As experts have been saying for some time now, you should resign yourself to the idea of not “if” but “when” on matters of cyber attacks. Small to medium businesses are just as vulnerable to breaches as larger corporations. According to a survey of IT professionals, companies were experiencing an average of 40 attacks a year.
Yet, it was apparent that companies weren’t consistent in their policies on how to address their clients in the wake of a cyber attack.
A PR professional who specializes in crisis communications suggests these four steps to communicating to your audience after you’re hit by a cyberattack:
1. Be quick to disclose the truth. Now is not the time to worry about damage control for your brand. Keep your clients’ best interests in mind by providing them measures on what they need to protect their identity. Also, be specific about the details of the breach and what what your team is doing to address the problem.
2. Answer inquiries. At this point, you don’t want your customers to have to go through typical channels to have questions answered. Set up a special number or method of contacting your team to get assistance as it relates to the breach. Make sure you provide everyone on your team who interacts with customers briefing documents about the breach.
3. Monitor conversations on social media. More than likely, you can expect clients to air their grievances on social media. Set up a Google Alert to capture any mentions of your brand. Make sure you respond professionally to online comments that seem to offer the opportunity to add clarification.
4. Plan ahead. The best way to handle a crisis is to make communications plans before it happens. Gather your team to discuss the best approach to handling events following a cyber attack.