Malaysia blogger discovers major glitch in Maxis online billing platform that accesses random accounts
When blogger Arsyan decided to access his phone bill online, he discovered a major glitch in the telco’s online platform that led him to random accounts of other subscribers whenever he logged into his account.
Wrote Arsyan,
So today, I was logging in my Maxis account and I found that it has logged me on a different account. And each time I log out, and re-login, it will bring me to another new account. And I’ve been seeing other people’s emails and telephone number and also be able to browse their phonebook that they backed up with Maxis. THIS IS A HUGEEEEE breach of privacy. I tweeted about it and got re-tweeted by some of influential people. And later got a phone call by Caroline (their social media rep I think) demanding me to remove my screenshot due to privacy. Ok, I admit that I screenshot the phone number and email without masking it, so fine, my bad. I will now re-post the screenshot whilst masking some part of the number and names k?
Instead of calling a spade a spade, Maxis decided to hoodwink the blogger by responding that he had accessed a test account and that the details found were not those of a valid Maxis account holder.
From Arsyan,
Maxis doing a damage control and replied:
“MaxisListens: @arsyan @demonick As a result, customers who logged in to the portal were able to see a TEST A/C which was not a valid Maxis cust’s profile.”
But as you know, bloggers are quite the inquisitive sort. So Arsyan decided to send the “test account” an SMS and it turned out that what Maxis said was not true.
Image from http://arsyan.com/blog/2010/10/04/maxis-billing-system-bug/
Social media moral lesson of the day – Double check your replies on social media or they will come back to haunt you.
From a brand’s perspective, it can be quite a nuisance to see a blogger finding a major glitch in your online services that could put a dent in the brand’s reputation. But taking on the blogger with a lie isn’t a solution. Maybe it was a lie but the social media respondent was misinformed.
So how should Maxis have responded?
First of all, the glitch, if left unreported or unblogged, could have resulted in more personal accounts being accessed by unknown parties. The blogger was, in fact, doing Maxis a service.
Maxis should have thanked the blogger for spotting this and informed the blogger that a team had been put in place to remove this glitch.
Maxis should have also taken on the role of providing the blogger with updates on the team's progress.
Next, once the glitch had been fixed, Maxis could have informed the blogger about it and also thanked him with a reward for noticing the bug and for alerting them.
From a PR perspective, Maxis should send out a release apologising for the glitch and highlighting the steps that have been taken to prevent the glitch and the remedies to ensure that such a glitch would not happen again.
Dealing with a crisis created by a blogger is no different from how you should handle a crisis with the media. After all, the blogger is the public in public relations.