On September 7th, it emerged Equifax, a US-based credit monitoring company, suffered a data breach which put the personal information of 143 million Americans at risk. Exposing the sensitive data of hundreds of millions of customers quite obviously spells bad news for any business whatever happens next, but reputation can be redeemed through the way a business reacts to a cyber-attack of any scale. Unfortunately, in Equifax’s case, redemption is going to be a huge challenge, with their reaction already being widely criticised. Equifax first discovered the cyber-attack had occurred on 29th July, yet took five weeks to announce it publicly. It wasn’t until September 7th that the company published a link to an info website and a hotline number for concerned customers to call to check if their personal data had been affected.
When customers did attempt to call, many reported being putting on hold for extended periods or getting disconnected numerous times. And if they were ‘lucky’ enough to get through, they were greeted by a contractor who had no access to their account and simply directed them back to the website for more info. Not exactly the response you want when you’ve been put at risk of identity fraud.
What’s clear from the still-emerging details of this story is that despite all the advice and solutions on offer to businesses of all types and sizes, business are still reacting to cyber-attacks with a ‘let’s hope no one notices and maybe this will all go away’ type of attitude.