Tag Archives: data breach

Facebook Data Breach: What You Need to Know

Facebook has been all over the news this week due to reports that Cambridge Analytica, the Trump campaign’s data firm, was involved in a data collection scheme. This allowed Cambridge Analytica access to the private information of over 50 million Facebook users. We discuss what you need to know about this recent scandal, and what it means for Facebook users.

WHAT IS CAMBRIDGE ANALYTICA?

Cambridge Analytica is a data firm that offers companies and political parties services to “change audience behavior”. The company was created when Steve Bannon approached conservative hedgefund billionaire Robert Mercer to fund a political consulting firm. The firm harvested private information from the Facebook profiles of more than 50 million users without their permission, in order to target them with personalized political advertisements.

myPERSONALITY

MyPersonality was the application Cambridge Analytica used to harvest the information. It was a popular Facebook personality quiz that could be used to build psychological profiles of the people who took the quiz, and, due to a loophole in Facebook API, allowed it to collect data from the Facebook “friends” of the quiz takers as well.  

FACEBOOK’S RESPONSE

The company’s stock price has taken a beating since the revelation, dropping 6.8% on Monday and another 2.5% on Tuesday. Facebook founder and CEO Mark Zuckerberg released a statement on Wednesday, saying,

“We have a responsibility to protect your data, and if we can’t then we don’t deserve to serve you. I’ve been working to understand exactly what happened and how to make sure this doesn’t happen again. The good news is that the most important actions to prevent this from happening again today we have already taken years ago. But we also made mistakes, there’s more to do, and we need to step up and do it.”

According to Zuckerberg, Facebook plans to investigate and audit all apps that had access to large amounts of information. If an audit reveals any misuse, he said, the developer will be banned, and Facebook will inform any users affected by the app’s collection of identificable information.

FACEBOOK USERS

It certainly sparks a larger debate for Facebook’s 2.2 billion active users—how safe is their personal data? And how is it being used? Facebook allowed a third-party to implement an application for the sole purpose of gathering user’s data. Furthermore, Facebook has known about this issue for more than two years, and only now that it has been made public are they ackowledging their mistake. Facebook has publicly touted their ability to accurately profile voters using the information they give to the site.

Critics are calling for tough new regulations, and celebrities are urging users to quit Facebook, with the Twitter hashtag #deleteFacebook. Users have always been aware that Facebook collected their data, but perhaps did not realize the extent and possible ramifications. This invasion of privacy has certainly been an eye-opener for millions of unwitting users across the country.

How Can Businesses Recover Consumer Trust After A Data Breach?

According to the Identity Theft Resource Center and a review of corporate disclosures by CNN Money, nearly half of all adult Americans have already been hacked in 2014, and the trend shows no sign of slowing down. Last week qSample published an article on how consumers can avoid data theft, but consumers aren’t the only ones that are effected.

Cyber Criminals are becoming bolder and more sophisticated. Two weeks ago, Domino’s Pizza announced a breach of customer information as well. Cyber-criminals swiped consumer names, addresses, phone numbers, and other personal information. The hackers demanded around $40,000 through twitter in exchange for not releasing the data. Domino’s refused to pay the ransom, and the twitter account has since been suspended. Hackers aren’t just more sophisticated than ever, they’re also more organized, and they’re willing to go after any company, big or small. AT&T, Michaels, Sally Beauty, Neiman Marcus, AOL, Adobe, Snapchat, and eBay have all been breached in the past year.

Last December, Target captured headlines around the world when debit and credit card information for 40 million customers was stolen. The breach represented a massive blow to ecommerce and company-consumer relationships that left Target scrambling to recapture customer trust.

How can a company regain the trust of consumers when 40 million credit/debit cards are lost to hackers? How can that company regain trust in itself? qSample decided to take a look into how consumer trust can be regained after a cyber attack:

Data Theft Businesses

1. Apologize
This step is simple, but often overlooked. Whether the breach was the result of corrupted employees or neglected security provided by a third-party, consumers will always place the blame directly on the shoulders of the business that “leaked” their information. It’s pointless to try to shift the blame, and doing so could even make the company look worse. Accepting responsibility and releasing a public statement of apology can go a long way in regaining trust. In any case, “I’m sorry”, is free, and it opens a line of communication between the consumer and the company.

2. Neutralize the Damage
Unfortunately, many customers realize that words are cheap, and demand more than a simple apology statement. They want actions to be taken. A company must neutralize the damage. In the case of the Target credit card leak, all charges made with leaked cards were covered by Target, a fact that is stated on Target’s website, but one that many consumers didn’t know. Informing consumers of standard consumer protection policies could have helped mitigate the situation in a better way. This again highlights the importance of communication.

3. Prevention
After the damage has been neutralized, consumers want to know what has been done to prevent data theft from happening again. Measures must be taken to prevent similar breaches in the future. In an effort to prevent this type of situation from happening again, Target announced that security chips would be integrated into Target REDcards and stores by early 2015, 6 months ahead of schedule. Unfortunately, this was still over a year away for consumers.

4. Encourage Immediate Consumerism
Once it’s clear that a breach cannot happen again, a business can encourage immediate consumerism. No customer will be excited to return to an online marketplace that recently endured a data breach, but given the proper incentives, they may return more happily. Discounts, sales, and other short term promotional activities can be used to pull consumers through the virtual door and encourage immediate purchases. This can help reverse declining sales after a data breach and provide some cash flow for the company. Target offered a brief 10% discount to consumers that visited Target stores after the data breach. Unfortunately, many employees weren’t even aware of the reason for the sale, and even fewer consumers knew what it was for.

5. Cultivate Loyalty
Loyalty programs such as reward points and company credit cards can be used to fortify long-term consumerism. After a cyber attack, customers need to be reminded that loyalty to the brand is rewarded, not punished. By offering exclusive deals to frequent customers, businesses can reassure consumers and increase repeat visits.

While it’s important to recover consumer trust after a cyber attack, the best marketers look past simply recovering, and search for ways to take advantage of the situation.

James Hickey, an entrepreneur, consultant, and member of qSample’s Marketing Experts group took an interest in how the public interest caused by a Data Theft situation could be used to collect more data from consumers. He had this to say:

“When a large business has a data-theft problem, it can draw regional or national attention to their company and brand. One of the best ways to take advantage of this would be to send out some surveys addressing the problem but as part of the survey, you could get some other questions about your business that could be helpful. More people are apt to fill out a survey during this time and you could get some great data about other parts of your business during this time”

This isn’t the only way that a company can take advantage of a data breach. For instance, Target could have leveraged policies involving the current REDcard to build consumer trust, encourage immediate purchases, and even cultivate loyalty among its consumers with very little effort. According to Target’s official website, all fraudulent charges made with the Target REDcard are covered by Target’s insurance. This is a fact that few customers are aware of, but one which Target should have been announcing from the rooftops. By encouraging use of REDcards, and telling consumers about the covered risk of fraudulent charges, Target could facilitate immediate purchases with promotional tactics aimed at REDcard holders, and loyalty through currently existing REDcard Loyalty programs. All of these aspects are currently in place, but consumers simply aren’t aware of them. Communication is vital to building trust, and simply by telling consumers about pre-existing policies, rewards, and programs, Target could have not only recovered consumer trust, but also cultivated loyalty and converted consumers to its REDcard program.

Trust is not easily given, and it can take a great deal of effort to rebuild it once it’s lost. Through recovering from a data breach, communication is crucial. Consumers want to know that a company will take responsibility, reverse the damage, and prevent similar problems in the future. Even while recovering, marketers should consider how the situation can be used to benefit the company. Data theft has become an online epidemic, but it presents opportunities for the intelligent marketer that can be utilized for more than just recovery.

###

qSample offers many great panels for data collection and analysis. In addition to large segments of general consumers, qSample cultivates high-quality specialty panels. Those panels include:
Mobile Users, Gamers, Voters, Contractors, Home Owners, Students, Baby Boomers, Veterinarians, and Pet Owners.
You can find more information by clicking on the “Panels” tab above, or contact qSample here