1. Address It As Soon As Possible

Once you become aware of the data breach you need to start collecting data and drafting a statement. Lots of attention is paid to how long it takes a company to respond in these situations, and any significant delay is seen as the company trying to hide something.

Of course, you don’t want to draft a vague statement with minimal information just to get out ahead, because you run the risk of releasing an inaccurate statement. Instead, wait until you’re absolutely sure you know what happened by running a thorough investigation.

If it’s taking a long time to uncover the details of the data breach, it might be worth drafting a preliminary statement that says what you know so far and that you’re looking into the issue further.

2. Be Apologetic and Reassuring

When drafting your statement, and throughout all your public facing actions, make sure to be apologetic and reassuring to your customers. Saying anything that could be perceived as making light of the situation or not taking it seriously is liable to upset your customers and your reputation.

A good example of this is LinkedIn’s data breaches in 2012 and 2016. In the latter breach, Mark Zuckerberg’s LinkedIn information was used to access his unused Twitter and Pinterest accounts because he made the mistake of repeating his password across platforms.

It would’ve been very easy for LinkedIn to poke fun at Zuckerberg’s lack of common sense, but instead they took full responsibility and remained professional in their response.

3. Be Transparent

It’s important that marketers looking to regain trust don’t hide any information from their customers. The data breach has happened, so any denial or glossing over runs the risk of damaging your reputation even further.

Hiding information to protect the reputation of your company seems like a good idea at the time, but only serves to damage your reputation in the long run. Owning up to your mistakes actually builds trust because the customers know that you’ll own up to any mistakes you make in future.

4. Fix Your Systems and Celebrate It

Once you’ve figured out how the data breach happened, put resources into fixing the issues and start drafting a statement around it.

Good marketers turn every negative opportunity into a positive; just make sure it’s in a subtle way that doesn’t sound like you’re pleased with what happened. You can show that this data breach was actually good because it allowed you to plug holes in your system but be very careful not to say it outright.

If you can, get the idea across that your security system is tighter than before – and tighter than your competitors’ too – after this breach. Also, state exactly what you’ve done so you can definitely regain the trust of customers and convince them to do business with you again.

5. Make Sure Employees Don’t Leak the Breach Before You Address It

Be very careful which employees you discuss the data breach with. Every company has one or two employees who like to discuss work in detail once they leave the office, and you don’t want them speaking to the wrong person, i.e., a journalist or the friend of a journalist.

Of course, you want all hands-on deck to resolve this issue, and leaving employees out of the loop might seem counterintuitive. If you decide to let them know, make sure they’re aware the marketing team is in the process of drafting an official statement and you don’t want any information leaked before you know what’s happened.

6. Reward Affected Customers

Despite all your efforts, it’s inevitable that you’ll lose some customers from this data breach. Trust is very easy to lose and difficult to regain, especially when your competitors get wind of the situation and decide to capitalize with their own negative marketing.

Offering a generous discount to your customers, or some other reward unique to your business, isn’t a bad idea. Just make sure it’s subtle and doesn’t seem like a bribe. Don’t make it too flash or expensive – the goal here is to show how much you value customer loyalty.