Corporate PR hacks need more original material. Stop saying, “We take your privacy and security seriously”.
About one-third of all 285 data breach notifications had some variation of the line.
It doesn’t show that companies care about your data. It shows that they don’t know what to do next.
Companies don’t care about your security. You have to care about your security. Companies collect data about you, and use that data to make money. Actually putting security in place, keeping systems up-to-date, removing old data, and in general being responsible doesn’t make them money and in fact costs a fair amount. They can’t be bothered.
So they get hacked. Then they deflect, defend and deny. Case in point: OkCupid.
Instead, OkCupid’s response was to deflect, defend, and deny, a common way for companies to get ahead of a negative story. It looked like this:
- Deflect: “All websites constantly experience account takeover attempts,” the company said.
- Defend: “There’s no story here,” the company later told another publication.
- Deny: “No further comment,” when asked what the company will do about it.
And if they are really caught behind the eight-ball, they will pay for 1 year of credit monitoring. Thanks, but I already pay for that, it is a better service than they usually offer, and I need more than 1 year.