“Equifax will not be defined by this experience, but rather how we respond.” –Rick Smith, Chairman and CEO of Equifax

So how has Equifax initially responded to this incident?  In an effort described as tone deaf, out of touch, inappropriate, canned and corporate – Equifax put forth an obviously  packaged crisis communications response to a devastating public and business crisis.  Let’s look at some of the incident response highlights:

1. An apology video and action plan from the CEO was required, but the resulting message was awkward and totally brand centric.  I don’t think the general public much cares if this incident “tests Equifax’s values and resolve.”  Are we apologizing to shareholders or consumers?
2. The primary objective of the CEO video was to ask, “what we’re doing?”  The answer was offering a free package of identity theft protection, credit monitoring and a website to answer consumer questions.  As one of the 143 million consumers impacted by this breach, I question the value of their “free package.”  Especially when that initial free package was accompanied by a waiver of my right to arbitration.  In the world of computer viruses this would be labeled a Trojan horse. 
3. Refer consumers to your website to find out if they are “potentially impacted.”  (If the breach impacts 143 million consumers, who is NOT impacted may be a better question).
4. Social media while peppy, looks out of touch.

While it’s easy to critique Equifax after the fact, it poses an interesting question:  Is your business positioned to do better? 

1. Do you have an alternate crisis website?
2. Is your social media positioned to face the crisis with an appropriate narrative?
3. What are your crisis offers and are you using revised T&Cs that won’t compound your problems?
4. Will you stick to your day-to-day brand messaging or will you revise a more appropriate voice and focus?
5. Does your response match the severity of your crisis?

The time to craft your plan is now.