Social Engineering Crisis - Case Study

 
Intrepid - Social Engineering Crisis Case Study
 

Situation

A high-end west coast retailer was the victim of a phishing attack when a controller replied to an erroneous email and provided tax information for hundreds of current and former employees.

Task

Intrepid received the call at 10 p.m. and by 10 a.m. the next morning had tailored and began executing a response plan specific to the company and its industry, including immediate and contingent messaging for key audiences.

Action

  • Developed response plan and messaging
  • Worked closely with outside legal counsel to craft and refine communication materials
  • Trained key executives on how to communicate with employees/other audiences
  • Monitored social and traditional media for fallout

Result

The retailer successfully communicated with key audiences in a straight-forward and transparent manner, which helped mitigate and contain the issue while upholding trust. As a result, the issue never became public. Additionally, the client’s legal counsel said the communication effort was the fastest and most efficient it had experienced.