Tag Archives: crisis communications

Hack of a Whopper

Posted on by
1
On Feb. 18, 2013, Burger King's Twitter account was hacked garnering national media coverage and the ire of brand followers.

On Feb. 18, 2013, Burger King’s Twitter account was hacked garnering national media coverage and the ire of brand followers.

Crisis happens. When the crisis involves social media, it can have one heck of an impact on brand.

When Burger King’s Twitter handle was hacked today, the brand’s logo was changed to that of McDonald’s. The hackers also posted crude language, @ messages to questionable accounts, and video and photographs that had little to do with the brand and no doubt annoyed followers. Oddly, they boosted Burger King’s followers by more than 20,000 before the account was suspended.

Twitter followers noticed, as did CNN, ABC News and Fast Company’s Teressa Lezzi who published stories about the hacking within minutes.

If you manage a Twitter account for a brand and that account is hacked, what steps should your crisis plan include?

At the first indication of trouble, immediately log in and change the password. If you are able to log in and change the password, go into your settings and review all of the third-party apps connected to your account. Revoke access to all third-party apps until you can better assess the situation. (Be sure to revisit these apps once the situation is under control to ensure all brand account functionality.)

If you are not able to access the account and change the password, go to the Support Request section of Twitter and under Account Access select the “Hacked account” option. This will give Twitter the necessary “heads up” to suspend your account and avoid endless amounts of spam being sent to your followers. It will also allow you to reset your password.

While you work to regain control of your Twitter account, post a notification to your brand’s blog, website and other social platforms. This notification should simply state:

  • Your Twitter account has been compromised
  • You are working to remedy the situation, and
  • Your Followers should not click on any posted links until otherwise notified.

Such action lets your followers know you are aware of the situation. It can even foster good will among followers irritated by the hacking event.

As a precaution, make sure you use a secure password including letters, numbers and capitalization that cannot be easily determined. This password – especially if multiple people have access to the account – should be changed regularly.

Using dashboards like SproutSocial or HootSuite can also help minimize risk. We also suggest you follow @Safety or @Spam to stay alert to the latest spammer activity or malware.

Some crises can’t be avoided. But they can be mitigated through close monitoring, training and ensuring a workable plan is in place.

Interested in training your team to handle a social media crisis? Email us at info@kimballpr.com for information.

Advertisement

Sandy, Superstorm, Frankenstorm—How Agencies Should Handle Any Storm

Posted on by
Reply
Solitude / Foter / CC BY-SA

Like many fellow communications professionals, hearing the words “Frankenstorm” didn’t scare us away from our workdays this week. Some of us may have faced the effects of Hurricane Sandy head-on like one Philadelphia editor, but, for many of us, we could sit at home and work right from our smartphones and laptops without having to feel a raindrop (hopefully.)

So, when the business world is taking a “hurricane day,” what do you do? The answer to this is something agencies hopefully had prepared yesterday.

PR agencies can’t put a “Closed” sign on their email accounts or turn off their smartphones just because they can’t drive to work. Unless major wires are destructed or phones lose the last of their battery life, PR agencies can remain open for business.

Employees need to be prepared to deliver to their clients, communicate effectively with one another and, most importantly, protect themselves, whether a record-breaking hurricane hits or the power just happens to blow out on a perfectly sunny day.

The Quiet Before the Storm

Just as you would prepare for a client—prepare your own crisis communications plan before the event of a crisis. The news and National Weather Service prepared us for a worst case scenario for this #Superstorm, so agencies should be just as ready for their clients and themselves.

As Entrepreneur.com suggests, assess any possible risks your company may face, including weather events and property damage. Moreover, consider what to do if key employees are absent or unavailable; keep contact lists and passwords in a safe, accessible place.

Make the communications plan known to employees throughout the year so your team can navigate as smoothly as possible through a workday with turbulent weather.

On the Big Day

Just like any regular morning meeting, the first step in tackling a storm is to set up a virtual team meeting and prioritize. Over a conference line or chat room, discuss top deliverables that must be completed.

Next to consider is your clients. Alert your clients via email, Twitter—any channel necessary to inform them that you are available to fulfill their needs.

Throughout the day of a disaster, keep your co-workers and clients continually updated on work progress, as well as your safety, and follow these tips from PR News to work from home most successfully.

Finally, keep yourself safe and pass work onto others if you begin lose access to forms of communication. And, if you find yourself sitting in the dark, pull out your nearest candle, take out the old ereader—I mean book—and just wait until the storm passes.

Photo credit: Solitude / Foter / CC BY-SA

Ten Years Later – Are You Ready for a Crisis?

Posted on by
Reply

*Originally published in IMCA’s membership newsletter

In March 2002 I walked into conference workshop on behalf of an insurer to do a presentation on crisis response. It was the same conference and topic that I had presented the year before to about 40 people. This year there was 250 people. They moved me into a ballroom.

Once I got my nerves under control I asked myself what had changed? September 11, 2001, of course. The World Trade Center attacks had put crisis preparedness on everyone’s agenda.  There was a mass wake-up call that we had to be prepared for the unexpected.

Ten years later, I’m not sure we are. In talking to friends in the industry, it is surprising how many companies still define a crisis too narrowly, forget to make communications a cornerstone of the plan, or don’t update their plans to account for new developments like social media.

Even in insurance, an industry that is all about evaluating risk, it is too easy to get complacent. That’s big mistake.

Here is a quick checklist to see if you are really prepared:

Your crisis response plans take into account all types of crises.

The point of a crisis is that it often comes on quickly and unexpectedly. Two things we do know is that you can’t fully predict how a crisis will unfold and you can’t start planning once it happens. So a crisis response plan should cover any eventuality – even if you don’t think it will happen. That means terrorist attacks, natural disasters, medical emergencies (think H1N1), internal corruption, financial issues, employment issues and more.

Your plans include input from everyone who should be involved.

A planning team should include not just public relations and operations, but your lawyers, customer service, human resources, outside emergency management officials and more. You want everyone from every department involved in planning – and engaged in the response.

Communications is a cornerstone of the plan.

Too often a crisis plan hinges more on logistical, financial and legal issues and not on communicating with all your stakeholders – customers, community, shareholders, employees, partners, vendors, etc. In today’s world you are judged by how well you communicate. Be ready, do it well, and you can improve your image during the crisis.

Your media response and social media plans are solid.

You must have designated spokespeople and clear protocol to ensure your company is speaking with one voice, and one consistent and effective message. Get media training for all key players, taking into account all media. And make sure social media is integrated in your plan – how will you monitor and respond using social media?

You have a strong leader who can be your spokesperson and communicate effectively.

You need strong leadership in a crisis. Rudy Guiliani made his mark after September 11. Is your CEO the right one to communicate in a crisis? While he or she is the first and obvious choice, it may not be the best. Remember BP’s CEO Tony Hayward?

Your plan is updated annually and takes into account new developments.

There is nothing worse than creating a good plan and sticking it on the shelf to collect dust. Plans only work if there are frequent updates and practice. We used to estimate that you had to be able to communicate effectively within 24 hours of a crisis. Now, with social media, you must be able to act in an hour. That’s not a lot of time.

If you can’t check off everything in this list, then it’s probably a good idea to take a fresh look at your crisis response planning.  Remember, those first hours after a crisis are crucial to how your stakeholders will perceive your company’s image. Don’t skimp on the time and money in good planning – or you’ll be paying a lot more later to clean up the damage.

Sony’s Hacking Response: The Good, the Bad, the Vague

Posted on by
2

As you have probably heard, Sony has revealed that their customer databases have been hacked twice in the past month, potentially affecting users of their PlayStation Network, Qriocity and Sony Online Entertainment products. Not only have legions of gamers been dealing with a blackout of services that they pay for and fear that their credit card information may have been stolen – but Sony failed to inform them of this massive cyber attack for a week.

According to news reports, Sony learned that they had been hacked on April 19th, took down PlayStation Network service on the 20th, and told customers seven days later, on the 27th. Sony maintains that they were unaware of the breadth of the attack until much later, but I’m not sure that is a good reason for their failure to inform customers more quickly.

Sony gamers, internet security experts, and the odd politician are angry that Sony waited so long. From a PR perspective, the outlook is equally troubling. Sony had an opportunity to take control of the situation and keep this group of highly engaged customers as happy as possible considering the circumstances. Instead, they have turned a challenging situation into a major image problem.

However, I do think some of the lambasting from the press is unwarranted. Sony could have provided more information up front, but they have made great use of the PlayStation blog to consistently communicate with their customers, including lengthy customer Q&As. Of course, the content of that communication could have been better early on.

What do you think? Could Sony have communicated better about this security breach?