The social media team at the bakers has come in for plenty of online kudos for their slick handling of the situation, which involved offering via Twitter a tray of gooey doughnuts to Google UK in return for fixing the problem.
While the executive board at Greggs may not be quite so thrilled with the negative hit on the share price caused by the hack, the doughnut offer and neat retort from the Google UK social media team offering to fix the problem if they "threw in a sausage roll" are examples of good judgement in handling what could undoubtedly be viewed as a ‘sticky situation’.
Yet, in all the online reaction to the social media handling of the situation what has been overlooked is that the public attitude to data breaches and hacks has changed.
As a PR specialist working in IT security for over 17 years now, I’ve seen a shift in attitudes to cyber attacks which recognises that data breaches and malware are inevitable. It’s no longer about whether your company will be hit by a data breach or cyber attack but when and how you handle the fallout from the attack.
After all, in a world where 78 per cent of companies have suffered a breach in the last 24 months – whether they know it or not, it’s hardly reasonable to lampoon a company for facing the inevitable.
The massive media exposure gained by the Heartbleed vulnerability earlier this year and by large high-profile hacks suffered by businesses like Target and eBay globally, has taken its toll on the public and corporate collective consciousness. The speed with which social media quickly alerts the public to data breaches and hactivist attempts has long since banished the option of burying your head in the sand and pretending an attack hasn’t happened.
By far the best option is to acknowledge the reality of the situation and be swift and decisive in informing the affected parties and swinging into action with your PR crisis management plan.
In comparing the handling of recent data breaches by eBay, Target and most recently the defacing of the Greggs logo, what is most evident is the need for speed. eBay and Target were widely criticised for deliberating too long and not responding to rumours circulating on social media or – in the case of eBay – in suggesting that users change their passwords.
However, it would be over simplistic to suggest that the PR response to all cyber security attacks should be managed in the same way. Clearly there is a world of difference between a hactivist attack on a bakers – which is likely to affect the employees of the company and could cost them a few sticky buns – and data theft on a major scale.
The handling of a data theft affecting the medical records of cancer patients from a public health body or the theft of credit card details from a high street bank would need to be handled with a high degree of sensitivity and a light-hearted tweet is unlikely to win over many fans.
So what are the learning points for marcoms teams in dealing with the effects of cyber attacks such as data breaches and hactivist attacks? As ever having a clear incident response plan is of paramount importance.
Given the speed of evolution of cyber threats, this should be regularly revised based on the ever increasing variety of possible attack vectors. For companies for whom the internet is their shop window, or who handle sensitive records or data this is an absolute imperative.
Tracking down your company’s IT security manager and familiarising yourself with the sorts of cyber attacks that you could be prone to, would also be worthwhile to help you build your crisis management action plan.
The good news though is that handled correctly, a cyber security drama doesn’t need to become a crisis. As we’ve seen from the Gregg’s incident it could even be turned into a positive. I’m personally waiting to see if they’ll be offering a doughnut bounty in return for information leading to the identity of the hactivist responsible for the attack!
Dianne Canham is the founder and client services director of éclat Marketing