It’s the nightmare scenario: A ex-Amazon employee is arrested for stealing credit card application data for 106 million people, plus 140,000 Social Security numbers and 80,000 bank account numbers — and then brags about it online.
When it happened to Capital One, the organization braced for the onslaught of media coverage and concerned cardholders. The bank is expected to incur $100-to-$150 million in breach-related costs for customer notifications, credit monitoring, technology costs, and legal support. It followed textbook crisis communications with an announcement and a detailed set of FAQs. Capital One, cloud vendor Amazon, and tech developer site GitHub are all facing lawsuits in the wake of the breach.
These are well-known companies, but in reality, cardholders don’t care whether an incident is a high-profile breach or an isolated attack. They expect immediate action, fast resolution, and clear communications. According to the experts at Wright-Patt Credit Union ($4.6B, Beavercreek, OH), the best way to respond to a card breach is to be prepared before it happens. Here, they share best practices for handling card breaches and helping members avoid them.
continue reading »