Imagine waking up one morning and finding you can’t access your money. This nightmare became a reality for half a million members of Patelco Credit Union on June 29, when the Dublin, CA-based credit union—one of the largest in the Bay Area and the country—was hit by a crippling ransomware attack. For more than two weeks, members were left without electronic access to their funds and online transaction capabilities, including direct deposits.
This incident has sent shockwaves through the financial industry, highlighting the lurking threat of cyberattacks and raising crucial questions about preparedness and customer trust. While there are a lot of bad actors out there, is your business acting poorly when it comes to preparation? Will your customers leave as result? This should be of upmost concern for your reputation.
In response to the attack, Patelco members have filed a class-action lawsuit against the credit union, claiming the organization failed to properly manage customer information in relation to data security. The lawsuit also alleges Patelco did not conduct regular security testing or adequately train its employees, raising concerns about whether the credit union did enough to mitigate potential disruptions and ease the aftermath of the unexpected.
The incident underscores the importance of crisis communication planning. If a similar attack were to hit your business, would you be prepared?
You’ve Been CrowdStruck
On a more up-and-up front, when a CrowdStrike security software update knocked 8.5 million PCs offline last week, the situation gave Microsoft a ready perpetrator to point to when things when awry globally. While CrowdStrike quickly identified and deployed a fix for the issue, the roll-out paralyzed operations across various sectors.
What would happen in your organization if a vendor disruption affected customers who rely on your product? If the only plan you have in place is to hold your vendors as scapegoats and stand behind your own good reputation…THIS IS NOT ENOUGH.
Microsoft’s proactive communication highlights the importance of managing vendor relationships and having a clear response plan. The company began posting communication updates on its own forums about communicating with CrowdStrike and external developers, to collect information and expedite solutions for its customers.
As an expert on reputation management, ReputationUs recognizes that different industries have different considerations. However, there is one clear standard: Not only is it irresponsible to simply point a finger at a problem—it’s unacceptable.
Organizations need strong crisis-response strategies to maintain trust and protect their reputations. Testing your business’s ability to handle disruptions is crucial. If you haven’t prepared, it’s time to develop a solid plan. Have you run simulations to identify key vulnerabilities and communication strategies?
If not, let’s talk. Instead of blaming others, having a responsible, executable plan helps secure your good reputation for the long-term.