A PR crisis from a customer’s viewpoint: Garmin’s hack

Blog

Our Account Director found himself witnessing an unfolding PR crisis – only this time from a user perspective. Here’s his lessons for businesses

Garmin connect website error message following reported cyber attack | PR crisis

Lockdown’s swift closure of gyms saw me rethink my exercise regime. For the first time ever, I became hooked on pounding pavements. 

It started as an outlet to channel my energy, though my competitive nature soon kicked in – and I became one of those annoying runners who are unashamedly obsessed with bettering personal records.

Fast forward a couple months and as the proud owner of a brand new Garmin watch, I’d be able to track and record my runs and cycles, while monitoring pace and heart rate. You know, the essential stuff!

Excited to start using it, on the first attempt at recording a session I was hit with a “servers are down for maintenance message” from its supporting software, Connect.

Thinking little of it, I checked later that day, only to see the same message. This started to seem a little strange. When it still appeared “down for maintenance” the following day I checked twitter to see the official line from Garmin (the global leader in fitness watches no less) and was hit with a vague message:

Garmin's tweet following its system outage | PR crisis

Suspicious, I did a bit more digging and noticed that specialist and tech websites were reporting that several Garmin employees had leaked that it had been hit by crippling ransomware – essentially meaning hackers had encrypted and blocked access to Garmin’s systems, requiring the US brand to pay a huge ransom to be allowed access.

Four days later, and this story has now hit the mainstream, with Garmin reported to have a $10million “fee” levied at it to regain access. Yet since that vague two-part tweet, the only other official line from HQ is a short “FAQ” page that still gave no reason for the meltdown.

As a full-time PR operator this afforded me a perspective I haven’t really had before. Suddenly I was frustrated by a brand’s inadequate comms response as a customer. Thankfully, it reaffirmed all the best practice I’d been taught and learned over the years.

With every sympathy for Garmin’s tech teams who will be frantically trying to save its vital systems (not to mention their jobs), here is the brands litany of PR mistakes, what it should have done – and why businesses must put communications firmly at the top table, whether in a crisis or not.

Error 1: It created a vacuum

In 2020 we’re not unfamiliar with systems being down for maintenance. Yet hiding under this cloak for close to a week has created a vacuum that has been filled with blind fury from users on social media. Ransomware can strike any and every business. As soon as it became clear this was the cause it should have been transparent and worked to build trust in its communications. Done right, this could have shifted anger from Garmin towards the sinister international hackers.

Error 2: A bland statement loses empathy

The actual initial statement itself is horrible – and sounds like it was written by a robot. “We are working to resolve this issue as quickly as possible and apologise for this inconvenience” is not language that real humans use in natural conversation. Again, this language alienates customers. It’s hard not to see this as being “fobbed off”. Not good – quite possibly the result of being written by committee – or an overzealous lawyer.

While Garmin clearly can’t make promises, it should have highlighted how its teams are working day and night to get to the bottom of this, with a pledge to keep its crucial customers up to speed.

Error 3: Too one dimensional

With what appeared to be no resolution and no plan, it took Garmin days to react – and when it did it was inadequate. Eventually its “FAQs” were posted, not answering any of the “real FAQs” a quick scan of twitter would reveal. Not only that it undervalued the crucial role of both the specialist and mainstream media, providing no confirmation or statement to either, as it continued to dig a hole.

In the current age, a crippling cyber attack is sadly always a possibility – and most customers will be understanding. Garmin should have rolled out a quick crisis plan spanning its website, app, customer newsletters – and this should have been centred on a carefully and sympathetically crafted media statement.

By ignoring the requests of the initial media requests it has battened the hatches, leaving customers irate.

With news mostly read online and social media expecting an instant response, taking days to formulate responses isn’t acceptable either.

Error 4: Not recognising the “real crisis”

Arguably, one of the biggest collective failings of the PR profession is its inability to highlight how business critical its advice is.

BP’s Deepwater Horizon disaster in 2010 should have proven once and for all how – from a business point of view – the PR aftermath can dwarf the financial cost of the initial crisis.

In that situation, BP lost around $100billion, when its official fine, including to cover the clean-up of the environmental disaster, was $30billion – with the difference owing to its shambolic and insincere crisis management, spearheaded by its hapless CEO, Tony Hayward.

While Garmin’s outage isn’t on the same scale, the lessons for it – and all businesses are there for all to see. The real business damage is done with a poor reaction, not usually at the time of the event.

Is your brand ready to deal with a potential PR crisis – and protect its most precious asset?

How you respond when the spotlight lands on your brand can have huge implications for your business. We work with brands every day to not just protect their reputations, but to enhance them and ensure that – when crisis hits – they are best prepared to deal with it.

If you’re interested in learning more about our crisis communications, or any of our services, get in touch on 0131 561 2244 or by using the form below:

Contact Form