Bouncing back or busting apart after a clusterf*ck of a crisis is a contributor feature by Femeconomy member Amber Daines, Co-founder of Grace & Grit Strategic Communications Advisory.
The hacks keep on coming
It’s fair to say the last month has been the worst Australian telco giant Optus has experienced in its 40-year history. When news broke on 22 September that Optus had suffered a major data breach affecting up to 10 million past and present customers (so effectively one-third of the Australian population) it was a massive shock for many who had assumed one of the largest companies in the land had a kick-ass IT department and all the anti-hack bells and whistles needed to keep its data safe. Wrong. The breach has included security ID details such as dates of birth, driving license, and passport details. Or let’s just say, well over the 100 points of ID needed to open fraudulent bank accounts or hack such customers.
Our equivalent of the FBI or Scotland Yard, the Australian Federal Police (AFP) not yet caught the hacker(s) a month on. Then again, the AFP also have had their own cyber hacking woes a week ago when classified documents were the subject of a data leak and exposed agents fighting drug cartels. Hardly likely to fuel confidence on catching the Optus hacker operation when their own IT house is not in order!
Crisis snowballs as it becomes a ‘trend’
Now the rule of threes seems to work here for this hacker story of the month award. Earlier this week Medibank has admitted that the personal data of some of its customers — including names, addresses, Medicare numbers and phone numbers — has been stolen in a cyber-attack. At the time of writing, Medibank expected the number of affected customers is expected to grow as the days go by and once again, the matter has been referred to the Australian Federal Police – and well, good luck!
What Medicare has done is issue an immediate statement sharing the criminal group allegedly responsible had claimed that 200 gigabytes of data had been stolen and that it would be reaching out to affected customers. Communicating early and with what do know now is always the best way to manage your unfolding crisis. Waiting for all the ducks to line up in the hours or days that follow and then issuing a static message on your website, social media, and through all the relevant news outlets isn’t going to help stop the speculation or accusations. Keep updating stakeholders inside and outside the business too. It all makes everyone feel more in control and informed. It can also prevent “whistle-blowers” from issuing their own version of stories that undermine all the efforts you may well be making in terms of managing the crisis well.
As a communications professional who has navigated a stack of household name clients during their own mega-crisis, such as financial institutions during the Banking Royal Commission of 2018 and a major consulting firm at the eye of a drawn-out live-streamed iCare (see what I did there) parliamentary inquiry of 2020, there are some basic rules that work to salvage your reputation or at least fill the ugly information void staying silent automatically creates.
Optus’ slow-to-move response to the media frenzy and customer outrage has been like watching an oil tanker trying to move in a race against a Ferrari – slow, cumbersome and at sometimes hard to watch (or look away perhaps).
Bad News Headlines First, Rebuilding Trust Second
For now, this unfolding story will stay in the headlines – even time a new breach comes out, the AFP fails to ‘get the baddies’, and the following the class actions that will ensue. That keeps the story going, bubbling away and unresolved.
Rebuilding trust will take a long time for any organisation that is the perpetrator or victim even in a crisis. That journey requires an overreach of gestures such as remediation, and refunds or credit notes, and really showing in a practical way just how things have changed and will prevent similar, future risks.
For now, Optus’s strong brand trajectory has completely changed until the actual hackers are found and customer data is better secured, no matter the cost. It will want the benefit of the doubt from the public in its system failure. Studies show it can take years to rebuild trust after a crisis, even if you are a blue-chip business with lots of brand power.
Gold Standard Communications is Key
Hope is not lost. Past banks of solid communications currency can carry favour in a new crisis today. Maybe you too recall when Optus communicated with self-deprecation and some media spending power during its 2018 “Floptus” World Cup streaming problems by taking out full-page ads in a major newspaper. That was four years ago, and ads in newspapers are not nearly as widely read (so the recalibrated version of the same approach recently fell well flat among skeptical and angry customers affected by the far more serious nature and extent of the September 2022 cyber-attack). Optus slowly but surely won back the support of fans but only once this underwhelming service became more reliable but this was a different scale of issue.
The best hope is the hackers are the heart of these scandals are caught and these organisations can start the road to repair. Keeping us all informed on the way.
You are the female economy. Whether you are a female consumer, business owner or a woman in the workforce, you can create gender equality by choosing female led brands.
Grace & Grit Strategic Communications Advisory is a Femeconomy Platinum Member. To learn more about joining Femeconomy, hit the big red button below: