A single scandal can destroy a carefully crafted billion-dollar brand. The synonymy of Uber with corporate sexual harassment and United Airlines with poor customer treatment showcases how vulnerable large companies are to media attention following PR disasters. In 2017, a massive data breach at Equifax exposed the personal information of over 147 million people and ultimately cost the credit reporting agency $700 million in settlements. The agency’s slow and inadequate response to the crisis marked a massive public relations failure and crowned Equifax the poster child of data breaches.

Since then, many would be surprised to know that more damaging breaches have occurred, but they’ve largely escaped the same level of media scrutiny. For companies facing similar crises—most recently Capital One in July 2019—it’s important to learn from the successes and failures of predecessors in order to craft a more effective communications strategy.

We investigated which factors are most damaging to a company’s reputation following a breach. We deployed Quid to examine the patterns and trends in media coverage on past data breaches and compared it with the extent of damage done. Our study surfaced opportunities for companies to develop stronger crisis communications strategies.

News network analyzing 309k stories and highlighting top themes in media coverage of data breaches from the past two years. Colored by theme.

To start, Equifax has remained in the headlines since September 2017, even dominating mentions in the news during the month of Capital One’s recent breach.

In order to understand how Capital One’s breach compared to breaches of recent memory, we identified 7 other leading companies: Equifax, Marriott, Yahoo!, Facebook, Twitter, Uber, and Quora, which have been attacked in the past two years.

Among these companies, Equifax consistently surfaced in the news around data breaches and received the largest share of media attention (37% of all stories), distantly followed by Facebook and Marriott at 19% and 13%, respectively.

Timeline of news coverage on data breaches from January 2017 to August 2019. Colored by company.

As it turns out, the volume of media coverage is not representative of the severity of the hack.

We used Quid to compare the extent of damage from each data breach with the amount of media coverage it received.  While Equifax was by far the most-covered breach (with ongoing ramifications), it was not the most damaging one. Seen below, Marriott’s 2018 data breach compromised more than twice the number of records than Equifax’s, but the company received just a fraction of the coverage. The other six companies, especially Capital One, Twitter, and Uber, remained comfortably under the radar with far fewer stories from news outlets.,

A deeper dive into the coverage around Equifax revealed that one PR disaster after another kept the company in the headlines and at the receiving end of public ire for months after its data breach. What were some reasons for the outsized response to the Equifax breach? For one, the agency waited six weeks before it announced its massive breach that compromised the data of nearly 150 million Americans. When it did, Equifax chose not to notify the people who were affected, but instead redirected customers to separate website that had additional security concerns. Promises of free credit monitoring were contingent on enrollees waiving their rights to sue the company and, to top it off, three Equifax executives sold shares of company stock days after they found out about the hack.

Comparison of the severity of the hack and the amount of media coverage for six companies. Arranged by max to min damage from left to right.

The narrative around the Equifax breach evolved over time, from breaking news of the hack itself to arguments for stronger regulation and, more recently, the agency as a benchmark for assessing other hacks and settlements.

Initially, articles on the Equifax breach primarily focused on the announcement of the hack and the CEO’s retirement. By February 2018, stories on the need for stronger regulations around data privacy and protection began to enter the conversation, picking up steam earlier this year. From November 2018 to January 2019, Equifax frequently appeared in stories related to the Marriott breach. Most recently, coverage of Equifax’s massive settlement has led to the credit agency being used as a reference point for assessing hacks at other financial corporations.

Stacked timeline of news articles on the Equifax data breach from the past two years. Colored by tag.

For Capital One, the most recent large company to fall victim to a data breach, it is still too early to tell how their media narrative will shift over time. However, we found that stories on the arrest of the alleged hacker, former Amazon employee Paige Thompson, drew greater interest with readers online than those covering the damage caused by the hack or changes to the regulation landscape. Much like the popularity of Equifax’s $700M settlement, this suggests that readers are more interested in following the scandal around a hack versus the efforts on protection. Thus, it might be worthwhile for Capital One to continue to monitor the headlines and contain the media attention on the hacker investigation.

Equifax’s uncoordinated disclosure of the hack left room for speculation, but Capital One and other companies can avoid a similar blunder by knowing which reporters are shaping the story around their breach. 

Using Quid to assess engagement metrics and filtering by reporter and news outlet, we found that stories by CNN’s Rob McLean, Bloomberg News’ Kenneth Wong, and the Washington Post’s Devlin Barrett have brought the most attention to Capital One’s breach. McLean’s article, A hacker gained access to 100 million Capital One credit card applications and accounts, described the Capital One breach as “one of the biggest data breaches ever” and saw syndication in 74 publications. Another by James Jackson and the Associated Press, Capital One says data breach affected 100 million customers; suspect charged, spent more time discussing details surrounding the arrest of the hacker, noting only that Capital One said it “acted quickly” once it knew of the breach.

To keep control of the narrative and avoid any miscommunication, Capital One should consider prioritizing reaching out to these reporters and outlets with updates and first-hand information.

Bar chart ranking news stories by engagement. Filtered by reporter and outlet.

The difference between a catastrophic data breach and “just another” data breach is often not the damage of the hack but rather how the event is covered by the media. In many respects, Capital One and the other companies to inevitably follow are just one bad PR strategy away from being the next Equifax. Quid enables companies to gain greater visibility over the narratives shaping public perception of an incident to retain market trust and proactively shape the conversation following a corporate disaster.

Want to learn more about how your company could be better prepared with a data-driven crisis communications strategy? Get in touch at hi@quid.com.

Premier social media analytics platform

Expand your social platform with LexisNexis news media

Power of social analytics for your entire team

Media analytics and market intelligence platform

Enrich your media analytics with social data

Media coverage for historical & real-time monitoring

Data streams & custom KPIs for advanced data science

AI, Image Analytics, Reporting Tools & more

Out-of-the-box integration with other data sources