Five years ago, a social media scheduling app called Buffer was hacked and began sending spam messages to audiences of social channels belonging to their clients. It’s bad news for any company that utilises social media for marketing or reputation management, but the way Buffer handled the hack provides the perfect case study for what responses work best in crisis situations.
What happened
On the Saturday afternoon, Buffer users began tweeting about spam tweets and Facebook posts. The company responded within minutes with a tweet that acknowledged the problem, then immediately ceased sharing services through all channels while they investigated.
Buffer then created a blog post under co-founder Joel Gascoigne’s name that alerted users to the incident and directed them to the company’s Facebook and Twitter pages for real-time updates. The blog also gave a list of action items customers could use to protect their accounts while the issue was being resolved, and provided further updates where appropriate.
With each update, Buffer gave users information about the extent of the hack’s impact, what data was stolen and how it happened. The company also detailed how Buffer’s security was being upgraded and how users could reconnect their social media accounts to Buffer’s services once the issue was resolved.
Facebook and Amazon Web Services contacted Buffer when they noticed the suspicious activity, offering guidance to Buffer’s tech team as they added new security measures and made necessary improvements. Buffer updated their blog, Facebook and Twitter accounts to keep customers informed, then reassured their audience once Facebook was on board with the fix.
The response and verdict
Despite the hack occurring on a Saturday with team members distributed across the world (so often the case…), Buffer was able to handle the incident quickly and efficiently while minimising the hack’s potential impact on its reputation. The company was able to email all their users within one hour of the incident and responded to every comment or mention received (from what we can see).
Appointing Gascoigne, a Buffer co-founder, as the company’s representative for updates gave its updates authority. By selecting one senior person to be the face of the response, Buffer projected a sense of control, which enhanced its caring and empathetic tone, while maintaining a consistent message.
The speedy and transparent response was well-received by Buffer’s user base – many praised how the company handled the hack, quickly voicing their support just minutes after learning their accounts may have been compromised. Each subsequent update also received overwhelmingly encouraging tweets, comments and messages from users following the incident.
Buffer’s well-received response to the hacking incident also brought in unexpected benefits – the service saw ‘almost record numbers of signups’ during the days of the breach, which Gascoigne surmises is due to positive press on how the breach was handled.
This case is a good representation for how a crisis, when handled well (with proactive and consistent communications), can turn into a positive outcome for your organisation and reassure your stakeholders of your ability to manage whatever challenge is thrown your way.