-
The latest investigation into the massive data breach at Target has found that hackers entered the retailer's network by stealing a vendor's password and then patiently waited until the busy holiday season to strike.
February 11 -
Target's cybersecurity staff urged the retailer to review the security of its payments system at least two months before hackers compromised its network, according to a report in the Wall Street Journal.
February 14 -
The latest investigation into the massive data breach at Target has found that hackers entered the retailer's network by stealing a vendor's password and then patiently waited until the busy holiday season to strike.
February 11
Talk about a momentary fright.
Phone calls interrupting my lunch are common, but this was one of my primary financial institutions trying to reach me, according to caller ID.
To my amazement Ruth Artis, the chief executive of BOND Community Federal Credit Union, greeted me. My debit card had been compromised in the Target data breach and would be replaced, she said. My new card would arrive in a couple of weeks.
It was a much more personal and ultimately more comforting approach than the automated voice message I'd received earlier from Bank of America (BAC) on the same subject. Her actions were a lesson in crisis management for all businesses, regardless of their size.
With my news sensors buzzing. I told Artis that I'm an American Banker reporter and that our publication has been
Artis, of course, is able to contact me directly, while it's unfair TO EXPECT B of A CEO Brian Moynihan to call me. BOND CU is tiny. It holds only $40 million of assets and it operates a single branch in the hip Little Five Points neighborhood of Atlanta, an office where customers can sit in rocking chairs while waiting on a teller.
Still, I would have preferred a little more personal touch from B of A.
A few days before Artis called, I received an automated voice mail from FIA Card Services, B of A's credit card subsidiary. It was one of those messages that run on a loop. My message started near the end of the loop, in mid-sentence, making it confusing to understand. It was something about fraud and my credit card. I replayed the message a couple of times to figure out what they were talking about and even then it wasn't totally clear.
I thought it was probably about the Target breach. But, I had traveled to Canada a couple of weeks earlier. I called FIA just before I left, per its advice, to let customer-service representatives know of my travel plans and that I'd be using the card for purchases outside the U.S. Maybe the fraud was related to something I'd bought in Canada?
I called the customer-service number on the back of my FIA card and spoke to a real person. The response was less than ideal. The call-center agent said my card had been affected by a recent fraud at an "undisclosed retailer." I've never set foot in a Neiman Marcus, and I rarely buy anything in a Michaels store. I asked if the retailer was Target, but the agent declined to answer.
I asked when the fraud took place, and again the agent wouldn't provide any details.
B of A missed a major chance to get creative somehow and score points with me, says Shirley Inscoe, a senior analyst at Aite Group.
"I would have to say that was pretty poor customer service," Inscoe says. "That's such a lost opportunity."
Aite's research has shown that a bank's business can be hurt when it communicates poorly about fraud, Inscoe says. Customers will often put those replacement cards "in the back of their wallets" or stop using them outright.
Betty Riess, a B of A spokeswoman, says that when a customer's account information is compromised, "our primary focus is on taking steps to protect the customer and reissue their card." B of A
An automated message is not necessarily a bad idea, and for a giant institution like Bank of America, it's far superior to a letter in the mail, Inscoe says. But the automated call could have been handled much better, she says.
"It's so important [the bank] let the customer know their card is safe and that they appreciate their business," Inscoe says. "It sounds like the fraud department is handling the communication and the marketing department is not as involved as they should be."
The personal call I got from my credit union's CEO, on the other hand, was perfect, Inscoe says.
"I can't imagine that anything else would rank above that," Inscoe says. "That has to be the ultimate in customer service."
It's a good thing my cards are being replaced and I do appreciate the personal touch my credit union provided. Still, I hope this is the last time anything like this happens.
Andy Peters covers regional banks and consumer finance for American Banker.