Hacking: Customers appreciate honesty
A Philadelphia-based e-commerce company, Ecount, has shown that when it comes to dealing with customers, honesty does pay.
When things go wrong in business, how you react makes all the difference. The history of marketing abounds with products that have permanently vanished from the shelves because of badly handled disaster recovery or even simple, plain misjudgement. Customers are not stupid and if any sort of subterfuge or concealment of facts is discovered they are often quick to vote with their feet. How many times, after national news bulletins have carried reports of, say, glass being found in cans of food, are we met with recall notices claiming that "the item does not come up to our extremely high standard of purity?" Is anyone fooled? What impression does it make?
The recent experiences of a Philadelphia-based e-commerce company, Ecount, have proved that when it comes to dealing with customers, honesty does pay.
Extortion In an isolated incident in August, a cyber criminal hacked into Ecount's database, and then notified Ecount that he had its customers' credit card numbers, and threatened to go public. Ecount knew very well that he could not have had them: it is company policy not to store clients' credit card information. However, Ecount's own account numbers look like credit card numbers. The criminal's purpose was to extort money from Ecount. He has since been frozen out of the company's systems by beefed up security measures.
Within 24 hours of detecting the break-in, Ecount retained a team of experts from Ernst & Young's Fraud and Security Unit. The company then informed its customers what had happened, blocked and re-issued accounts and passwords, contacted the media and authorities, and informed the hacker that it would not negotiate with him.
Realising that his extortion attempt had failed, he e-mailed Ecount's customers directly. However, the company had pre-empted him in that attempt as well by warning the customers in advance of his plans.
Positive The response from Ecount's customers has been overwhelmingly positive, with many expressing gratitude for the honest way in which they were kept informed, and the prompt and comprehensive action taken to correct matters. According to Ecount's CEO, Matt Gillin, "We hope that Ecount's success in working with our customers to thwart this attack can serve as a model for dealing with these unscrupulous cyber criminals, and provide a deterrent to future attacks on innocent companies such as ours."