What To Do After Customer Info Has Been Compromised
Some companies are put in charge of private customer information, and it is their responsibility to keep this information safe. But in a world filled with technology and hackers, there may come a time that your company’s information—and the information of your customers—becomes breached.
A leak of your company’s and your customers’ private information can set you into panic mode, and while you shouldn’t start freaking out, you do need to take the situation seriously. If you find that information has been compromised, you need to take the following actions.
Determine what’s being leaked
The first thing you need to do is determine what information is currently being leaked. Call in a company that specializes in company breaches to help you assess the problem, determine exactly what information has been leaked and then clean up the mess. This process may take some time because these companies will want to be as thorough as they possibly can to ensure that the breach is removed.
Decide who needs to be told.
There are business laws set up to help companies deal with these types of situations. In the United States, 46 states have their own laws that determine who exactly a business needs to tell about a breach. If the information leaked was extremely confidential information of their customers, such as names, account numbers and social security numbers, then these laws force the businesses to contact their customers and let them know of the security breach. On the other hand, if the information breached is either not important or not thought to be misused, such as email addresses, then there is no need for businesses to tell their customers.
In order to keep your customers happy though and keep your business positive in the public eye, it may be a good idea to inform your customers about any type of security breach. News about the breach may start to leak out anyway, and if you can just come clean to begin with, it will be better for your company in the end.
Contact your customers…and be apologetic.
You need to reach out to your customers and let them know about the breach. It’s important that you try and contact them via two methods, such as with an email and with a mailed letter. You may also want to consider putting a letter on your website too.
You’ll also need to make sure that you’re apologetic and that you let your customers know that the situation has been handled appropriately. Customers are going to look past the fact that your company is also a victim, and they’re going to blame you. Plus, they’re immediately going to assume that their identity has been stolen, even if it was only email addresses that were hacked. Let your customers know that if they want to change their usernames or passwords to feel safer, they can do so. Then let them know about all the additional security features you’ve set up to keep this event from occurring again.
Tighten your security.
If you’re going to tell your customers that you took the necessary precautions to protect their information, then you need to make sure that you do. Tighten your security settings so that your information cannot be breached again, and also tighten the security measures for your customers. If you have yet to set up a two-factor authentication system, now may be the time to do so. This way, hackers will need to retrieve more than just a name in order to access your customers’ information, making it harder on them and much safer for your customers.
Give it time.
A breach on customer information is going to have some negative consequences. You may lose some customers, and you may receive a slew of angry phone calls, but eventually, this nightmare will fade, and your customers will soon forget that it happened.
Provided by Authentify the e-commerce authentication experts.