A Forbes survey earlier this year found it was the 21st most admirable company in the world. In general, it seemed largely immune to the PR pitfalls that often befell its competitors like Wal-Mart and TJX Companies.
That is, until yesterday.
If you have not been following the news as of late, Target has been facing the ultimate holiday season retail PR disaster: Hackers obtained data from up to 40 million credit and debit cards that were used by shoppers in the notoriously busy weeks leading up to and following Black Friday.
As a member of the customer support team here at HubSpot, I feel that there are a number of lessons that can be taken away from Target's reaction to these events, all of which are applicable to any business that suffers a customer service or PR crisis:
1) Transparency matters.
It doesn't look good when news outlets beat you to the punch on an announcement like this, especially considering that every second counts for those whose information was stolen. Certain sources broke the story the day before Target had even posted an official statement -- a move that was understandably unacceptable to many:
Taking into account the fact that the fraud apparently took place for 19 days -- a period during which Target's support team must have received plenty of negative customer feedback concerning the issue -- it seems a little hard to swallow that they were only able to notify those affected of the security risk this week.
Over-communication and transparency with customers in a time of crisis is crucial. For example, when HubSpot support becomes aware of any serious issue with our services or software, we immediately make sure it is posted to our dedicated notification center for emergences: trust.hubspot.com, and start working with our social media team to communicate intelligently with those impacted. (More on that in a bit.)
This silence from Target not only looks irresponsible, but also allows suspicions to rise and rumors to fill in the blanks. Many will likely insinuate that Target was not forthcoming on purpose -- we are smack dab in the middle of the busiest shopping seasons of the year, after all -- and that they had a huge incentive to delay the story from breaking to help stave off potentially plummeting sales.
2) Use social media to your advantage.
Social media can be a powerful public relations recovery tool when used properly. Using Twitter and other mediums to be transparent and reach out to customers can make all the difference in the way the event is perceived by the general public.
And, frankly, there's a good chance your customers will take their grievances to social media -- whether you're monitoring there or not. One of my co-workers was worried about her own credit card since she'd shopped at Target, and here's what she did:
That's right, she took to Twitter. To Target's credit, they did eventually work to do damage control through using different social media outlets. For instance, they started to do triaging on Twitter, and used a Facebook post linking to this statement on their website with clear instructions for those who were affected.
Ultimately, however, their recovery efforts felt like they were too little, too late -- and that will have a huge impact on both their customer support team, and likely future sales.
3) Be genuinely empathetic.
One of the most important things I've learned working in customer support is that empathy is the key to resolving customer grievances. Only when you demonstrate that you truly understand the pain and frustration the customer is facing can you effectively resolve their issue.
But Target's language and overall response to this crisis felt cold and indifferent -- take a look at their Facebook statement, for instance:
When you fail to effectively empathize with customer pain, they're less likely to be forgiving when you mess up. Don't go for the stilted, PR-positioned statements -- be honest, show that you understand how serious the situation is, and sound like a human.
This did not have to be a disaster for Target.
It's hard to say how much blame Target truly deserves for the actual breach in security -- it's too early to say if it was due to negligence on their part, or perhaps the credit card companies themselves. One could argue that it is virtually impossible for a company with such a large infrastructure to keep up with elite hackers like the kind who made easy work of the United States' own cyber-defenses.
But even if it turns out Target wasn't to blame for the initial incident, their response alone has determined that this was a disaster for the company's brand image. By not listening to their customers and staying silent for too long, Target lost the opportunity to define the narrative of the story, and subsequently lost the trust of a lot of their customers.
So, how do you think Target should have handled the controversy? Were they negligent, sneaky, or simply in over their heads? If you were a Target customer prior to the crisis, will you continue to be one now?