WHAT THE MEDIA SAY: Consumers' Association site slips up

Organisation: Consumers' Association

Issue: website security breach

The discovery of a 'serious flaw in security' (which.net, 22/6) on the

Consumers' Association TaxCalc website last week compromised thousands

of customers' personal and financial details.

The Consumers' Association, the Which? publisher frequently described as

the 'UK's consumer champion' (guardian.co.uk, 22/6), found itself having

to implement some of the recommendations it had previously presented to

other online businesses under its Trust UK/ Web Trader secure online

trading hallmark.

In addition to the immediate closure of the site, the Association warned

all 27,000 TaxCalc customers of the breach and urged them to cancel

compromised credit cards. Deputy director Kim Lavely highlighted the

organisation's 'concern' about the situation, and reassured people that

the site would remain closed until the problem was resolved (Daily Mail,


The speed, honesty and thoroughness of the Consumers' Association's

response to the crisis did not dispel all criticism of the organisation.

The leading negative response was to highlight the irony that one of the

leading advocates of tighter internet security found itself a victim of

poor security arrangements. The BBC's website headline, 'Red faces after

credit card web blunder' (bbc.co.uk, 22/6), was echoed by other


Silicon.com, which spoke of the 'flaw that undermined its (Consumers'

Association) credibility', quoted a member of the Web Trader Scheme: 'It

can't be good from their perspective, asking other people to comply with

their standards. It's pretty embarrassing for them' (silicon.com,


The single most negative response was aired by a disillusioned TaxCalc

customer: 'Sorry Which?, you suck, and I can never again trust your

assurances ... your brand value to me is NIL' (accountingweb.co.uk,


Consumers' Association spokesperson Alan Stevens attempted to refocus

media attention on the importance of careful post-crisis management of

security flaws.

'We are critical when companies don't get things right, but we are most

critical when they don't put things right subsequently' (The Guardian,

23/6). This was an area in which the Consumers' Association could not be

faulted, having informed all affected customers within 24 hours and

commissioned an independent security adviser to investigate the


Analysis and commentary by Echo Research. More information can be found

at: www.echoResearch.com.

Have you registered with us yet?

Register now to enjoy more articles and free email bulletins

Already registered?
Sign in