That’s one of many questions erupting in the aftermath of Equifax’s recently disclosed data breach, along with the following queries:
Equifax is a leading consumer credit reporting agency, responsible for safeguarding highly sensitive financial and other personal data for more than 800 million consumers and businesses globally.
In a corporate crisis, the first challenge is the precipitating issue (in this case, the breach itself). Here, Equifax failed. For any corporate crisis, how an organization responds can hasten reputational recovery—or accelerate damage to it. Here, too, Equifax failed.
Consider these six takeaways from Equifax’s communications stumbles:
1. Timing is everything. “What did the president know, and when did he know it? ” was Sen. Howard Baker’s famous question posed during the congressional hearings on Watergate. It’s a question that’s now routinely asked of organizations’ leadership teams when a scandal goes public.
Equifax first learned on July 29 that personal data had been exposed, but it notified the public on Sept. 8 (as national news outlets were distracted with 24/7 hurricane coverage).