Cyber-attacks were placing the reputations of banks across the UK at significant risk in 2015. With a duty to safeguard thousands of customers personal, sensitive data; the size of the risk is substantial.
Scale of the problem
Igniyte’s director Simon Wadsworth recently noted that cyber-attacks on large brands are becoming more frequent. He cited the example of TalkTalk; the telecoms firm was targeted in an attack that saw more than 221 million email addresses compromised. They’ve since racked up nearly as many complaints as EE – both of which have far worse records than any other provider.
The problem isn’t restricted to TalkTalk – it’s a particular issue for the UK’s banking industry. The Telegraph has reported that a security hole at Halifax and the Bank of Scotland (both part of Lloyd’s Banking Group) – has put tens of thousands of customers at risk of fraud by leaving their financial activities visible to anyone.
The issue was first discovered by Money Saving Expert, and the banks have since enforced additional security measures to safeguard consumer data. A spokesman for the group commented: “We know that a maximum of 23,000 customers could have been affected by this issue. Of these account openings there have been no instances of fraud or indeed any customer complaints as of yet.”
Opening for fraud
This security hole may not have resulted in fraud, but figures from the Financial Ombudsman show that fraud is a prevalent issue for the industry. Between April 2014 and March 2015, the Ombudsman received 598 complaints concerning credit card fraud at Barclays, 397 at Santander 131 at Nationwide, and 316 at Lloyds Bank.
Furthermore, figures quoted by the Daily Mail show that online banking fraud cost UK consumers £29.3 million in 2014 – a 71% rise from the year before. Together these figures prove that cyber-security is fast becoming a pressing issue for every bank throughout the UK – one that you can’t ignore if you want to retain your customers.
Value of trust
The Edelman Trust Barometer 2015 indicated that 83% of respondents see it as important for banks to protect customer data. If your bank allows information to be hacked you’ll lose trust; 63% of said that they’ve refused to purchase a product/service because they distrusted the firm behind it.
The Perceptions of Business Transparency report showed that half of British adults believed that the conduct of banks linked to the financial crisis has damaged their trust in all businesses. In last year’s Global Consumer Banking Survey 11% of respondents said they’d gained more trust in the banking sector over the previous year; 15% of British consumers still said they had minimal or no trust in banks.
2015 would have been the worst time for your bank to fall prey to a cyber-attack that’ll decrease consumer trust – especially as they won’t hesitate to tell other people. 58% of people questioned in the Edelman Barometer said they’ve shared a criticism of a firm they distrust. Bright Local’s 2015 Local Consumer Review Survey found that 92% read online reviews to determine whether a local business is a good firm.
87% of consumers questioned in Smart Money People’s Customer Reviews in Finance Survey believed customer reviews of financial services are at least “somewhat important.” Google trust consumer reviews as well, so these reviews often register on the first page of a Google search for your company. If your bank falls lost customer data, the affected customers would have likely generated unwanted content which would have damaged your firm’s reputation online. Which would then have posed the issue of you dealing with negative content online.
How to respond
You need to develop a strategy to respond to a cyber-attack, so that the loss of customer data doesn’t damage your bank’s reputation online. Here are several tips that banks can utilise to defuse the situation:
- Focus on security: You should ensure you have sufficient security systems and monitoring services to prevent a hack. If one does occur the first thing you need to do is ensure these security systems are updated, so that you don’t lose more sensitive customer data.
- Express confidence: When Talk Talk were hacked they shut down all social media activity and communication. This suggested that they didn’t have a plan to deal with the problem, causing a panic and making it worse. You should ensure you respond in a confident manner to limit the impact of a cyber-hack on your bank’s online reputation.
- Help your customers: You don’t want to cause a panic, but you don’t want the problem to get worse either. You may need to tell customers to be extra vigilant with personal data online to prevent further incidents which will inflict more harm on your bank’s standing with other consumers.
- Be consistent: You need to ensure that the way the entire bank responds to a cyber-attack is consistent. If different teams offer various responses, you’ll confuse consumers and imply you’ve lost control of the situation, calling your credibility into question.
Limit the damage
We have seen that increasingly, cyber-attacks are becoming a problem for banks throughout the UK. If you fall victim to an attack and lose sensitive customer data, your reputation online will suffer if you don’t have a plan in place to limit the damage.