Zappos needed the goodwill it built for its brand last weekend when hackers broke into one of the company servers and accessed account information for 24 million customers.
Zappos has always taken an unusual approach to customer service, and that extended to the way it handled the data breach.
When the breach hit, CEO Tony Hseih sent an email to both customers and employees, detailing what the company knew and how it would respond. Hseih held a news conference the next day to confirm what had been done.
One big, unusual step, which Hseih outlined in his email: Zappos canceled all its customers passwords -- every last one of them -- and required customers to reset those passwords at next login.
Conventional wisdom among security and marketing analysts holds that after a breach you don't issue an immediate email blast and a massive password reset. It's customary to take a bit of time to analyze the breach more closely.
Sony took its time when faced with a similar breach last April. The attack on Sony's database was more devastating to customers because Sony had been storing passwords in plain text. (The Zappos passwords were encrypted, although details are sketchy about the type of encryption used.) Both Sony's reputation and on-going operations suffered serious harm.
Contrasted with the Sony stonewall, Zappos's response is genuine and even fresh.
Some customers are upset, but not many and not very much. No press reports, other than The Onion, have quoted customers saying anything negative about the breach or the company's response. An ITBusinessEdge writer mentions that her unnamed friends were concerned, but not to the point of leaving Zappos.
Comments on the Zappos Facebook page and in Twitter are equally balanced among complaints, expressions of support, and notes of concern.
Regular customer service was, not surprisingly, disrupted during the Great Password Reset. Some customers were having difficulty getting return, exchange, and delivery problems resolved.
In another bold customer service tactic, Zappos shut off its phones on Sunday rather than putting people on hold. Zappos concentrated its customer support on email. The phone lines were still down on Thursday. Zappos took the lines down in anticipation that they'd be overloaded, and the belief that customer support reps were better off spending their time on electronic support in lieu of wrestling with the phone system.
Customers were told on the Website that it would take up to 30 minutes for the password reset email to arrive. It took much longer. Tom Merrit on Tech News Today waited four hours for the email, which arrived live during the show.
Customers outside the US are still having trouble connecting to the Zappos site.
The analysts saw a teaching moment. News sites, as well as technical and security channels, encouraged people to develop better habits for online shopping. The guidance fit nicely with Zappos's plan. Marketing departments benefit when a company includes clear messages about data and operational security.
Days after the breach, Zappos's marketing is returning to normal. Its Twitter and Facebook streams are talking about shoes as much as password resets.
This is not the first time Zappos has had to face a tough decision caused by operation error. In 2010, Zappos accidentally mis-priced all shoes as $49.95 or less. It fulfilled the orders placed at the incorrect prices, even for shoes costing many hundreds of dollars. The response, which cost the company $1.6 million, won praise from customers and observers.
With that mixup and now this, Zappos may be pushing its luck on operations, but its overall marketing strategy of service excellence is leading it through bad times and back to good ones.
— Karl Hakkarainen is an independent consultant who works with organizations and professionals in healthcare, law, education, and social services for whom marketing is a novel and somewhat suspect venture. He applies his 30+ years of connected communications to help them tell their stories in ways that fit within their traditions and the laws of their professions. Karl is a graduate of Amherst College and of Mount Wachusett Community College.
The CMO Site is an executive social network that provides CMOs and other marketing executives from the world’s leading organizations with a real-time, online venue where they can convene to discuss how they're delivering on the most critical marketing priorities. Join us!