In the dim light of the observation room, we listened intently as a focus group wound through a discussion on the other side of the one-way glass. A key prospect was talking about his perceptions of the client’s brand. We hung on each word—who doesn’t want to know what somebody really thinks of you—and were about to be punched in the gut. “I just don’t have a good feeling about them,” he said, “I don’t think they know how to spec a project.” Behind the mirror we turned and looked at each other. How could he say something like that? This client’s company was the third largest of its kind in the country. It was highly successful. Developing accurate specifications was something they did in their sleep. How could he have this perception?One person in our group sighed. “I know why he said that,” he murmured, “About 10 years ago we speced a project for this guy, and we made a big mistake. We didn’t get the job and he hasn’t called us since.” One mistake, a decade earlier, and for this prospect the brand had never regained his trust. The error had lost them a valuable piece of business, but it had also locked them out of a chance to redeem their image with a potential client who could have brought them numerous projects for many years. Fortunately for this brand, it was only one mistake with one potential customer.Multiply that by 40 million and what do you get? Target.You have undoubtedly heard about how hackers using sophisticated techniques managed to grab the credit and debit card information of more than 40 million of Target’s customers who made purchases during the recent holiday shopping season. It was the story that kept on giving as at first Target announced the breach, but assured their customers that their PINs (personal identification numbers) had not been accessed, then admitted that they had been, but were encrypted, then conceded that it would be possible to break the encryptions.Thanks to this monumental security breach, 40 million customers felt at least a small wave of panic and have had to put in motion all manner of calls to their banks and credit card companies to protect their accounts. (“Hello, thank you for calling, you are caller number 312,175 in the queue.”) The highly- recognizable bull’s- eye logo of Target has been placed squarely on its proverbial backside.With no focus groups required for input, Target is facing a lengthy list of damages from a breach that may not have been their fault, per se—is it a bank’s fault if it gets robbed?—but is surely their responsibility. They have already diverted tremendous resources to handing customer outrage and will likely offer some form of compensation to those who actually lose money. Other companies have offered free credit protection services for a year and other assistance in similar instances.The long-term damage will be measured in years, however. And in an industry where one- percent changes in same- store sales are considered victories in the plus column and defeats in the minus, Target could easily face a long- term drag on their growth as even loyal customers are cautious about returning and/or using their credit or debit card on the next trip.If there is a silver lining for Target in this mess, it’s that well-established brands usually survive a crisis like this, in part, because their strength can transcend one big mistake. Two years ago, Toyota was badly dinged by their issues with unintended acceleration. Sales took a big hit, but have mostly recovered. Target is also viewed by some as a victim. After all, Toyota’s problems were due to their own engineering failures, while Target fell prey to an astonishing criminal act. But while a bank would not normally be blamed for being robbed, if all its branches were robbed at the same time, more than a few people would ask questions about their security processes.Of course, as a result of this, every company that keeps sensitive information is reviewing its security procedures to avoid a similar calamity. But even if a brand doesn’t store this kind of information, it would be wise to ask itself where its trust with its customers is most vulnerable to brand damage—whether it be as simple as a single mistake on specifications, or as monumental as a theft of the personal data of millions of customers.
As published in the Central Penn Business Journal.