I received an email this morning from Buffer stating they were hacked. Buffer was sending spam from users accounts opposed to the original content. Immediately I rolled my eyes and thought of the linked accounts I have to the service and the annoyance of changing my account details across three to four social media outlets. There were friends, businesses I deal with, and many others in between who were affected.
As I read on I noted something very different about this “admission email” and it was something that was refreshing. The emails stated Buffer was hacked one hour ago. Not one day ago, last week, or even last month. Under an hour. The response was immediate like a well rehearsed fire drill and everyone knew their place.
Outlining who and what may be affected Buffer offered continuous updates and links to their support pages for this information. Also listed was the steps taken to ensure temporary disconnection of Buffer services. Buffer also took the liberty to mute all Facebook posts temporarily whilst working on a resolution. This speaks volumes of their plans, their contingency, and how they have approached a breach: with full transparency.
There are many cases where hacks have attempted to be hidden or masked as other operations. The infamous Sony breach brought down the PSN for over a month after a week of denying issues. Adobe was broken in too and was sheepish in admitting to it. This is our data and we can speak with our subscriptions. Look at the support towards the company across social media channels:
Doing it right and it isn’t just my thoughts.
So this is a real example that everyone should take note. In breaches to come I think the way that Buffer has handled its response speaks more than any cover up or subsequent discount can. Anyone in PR, HR, or anything to do with a companies social strategy please look at take note how Buffer did it. Is this how you deal with a breach? Is this how you respond? All hands on deck giving and providing insight into what went wrong are the best way forward – not putting the black curtains up and locking the door like so many before them have.
Thank you Joel and the Buffer team – you’ve gained a big dose of respect and I think a subscriber.
Live feed: Click Here
Update 1: Facebook posts have been restored.
Update 2: Adjustment to Twitter token storage and a fix deployed.
Update 3: Working with AWS and Facebook to resolve issues. Closer to resolving.