A decent response that lacked one critical ingredient
It appears we can belatedly add Chik-Fil-A to the list of organizations hacked in 2014, as reports have emerged stating the fast food chain was bleeding data from Dec.2, 2013, to Sept. 30, 2014.
To its credit, Chick-fil-A did release a statement quickly after discovering the invasion, but as far as we’re concerned it was far from great. Have a look for yourself:
Chick-fil-A recently received reports of potential unusual activity involving payment cards used at a few of our restaurants. We take our obligation to protect customer information seriously, and we are working with leading IT security firms, law enforcement and our payment industry contacts to determine all of the facts.
We want to assure our customers we are working hard to investigate these events and will share additional facts as we are able to do so. If the investigation reveals that a breach has occurred, customers will not be liable for any fraudulent charges to their accounts — any fraudulent charges will be the responsibility of either Chick-fil-A or the bank that issued the card. If our customers are impacted, we will arrange for free identity protection services, including credit monitoring.
If you are concerned about your payment card transactions at a Chick-fil-A restaurant, please review the following frequently asked questions (“FAQ’s”).
Customers may call 855-398-6439 for additional support or information. (Our call center will be closed for the New Year’s holiday and will reopen beginning Friday January 2.)
Giving customers a clear method to contact support and promising they would not take financial harm was a great start, but this statement was lacking the crucial ingredient that so many authored for the purpose of crisis management often do – compassion. Without compassion, it’s easy for stakeholders to feel like you don’t care, and the second they feel that way your messaging starts to lose its power.
The BCM Blogging Team
https://www.bernsteincrisismanagement.com