Target vs. Buffer: Crisis communications lessons from two different approaches

On Dec. 18, news broke that Target witnessed unauthorized access to payment card data across its U.S. stores. Security expert and blogger, Brian Krebs, broke the news on his blog.

Since then, it’s been a full-blown reputation and operations crisis for Target–over the holidays and arguably the retailer’s most important shopping period of the year.

If you’ll remember back to October, tech start-up Buffer experienced its own crisis of sorts when many Buffer accounts were hacked (on a weekend, no less). I blogged about how Buffer handled the crisis from a communications standpoint–which they did very well.

Even though these two companies are worlds apart in terms of size, revenue and years in business, I think there are some key lessons we can all learn around how they both handled (or, in Target’s case, ” are handling”) their respective crisis situations.


Response time after the initial news breaks is critical

Target FB Message 12.18

Buffer Tweet

It took Buffer all of an hour to respond publicly to its hack. Target (at least publicly on Twitter/Facebook) took more than 24 hours after news of the breach “broke” on Krebs’ blog. Now, Target has a lot more to deal with internally when it comes to crafting and disseminating a response–I’ve been on that side of the table and can respect the limitations. But, the reality in today’s world is 24 hours is an eternity. Did it cost Target? Maybe–maybe not. But it certainly left the door open for others to control the narrative early on. Buffer, by contrast, was right out in front of the hack before most people even knew their accounts were compromised.


A simple apology can go a loooooong ways

Target FB message 1

Buffer FB

One thing I’ve noticed about Target’s communications since the breach–there has been no public apology. Not one sorry from anyone on the Target side (again, that I’ve read or seen). Now, I have a feeling that may have to do with legal issues, and you just never know what goes on behind close doors in these types of situations. But you’ll also notice how many times Buffer said sorry early on in its communications (twice just in this one Facebook post above). That entire weekend, Buffer was continually apologizing for the hack. And you know what? That was one of the things users appreciated the most (and they told Buffer as much on Facebook and Twitter).


Use one spot online as your crisis “home base”

Here’s another thing Buffer nailed (in my view)–they used ONE spot online (their blog) as THE place to go for information about the hack. They shared all news of the hack here. Gave instructions to users about how to get accounts back up-and-running. And updated it frequently. So, if you were a Buffer user, you KNEW you could expect up-to-date information about the hack on the blog. And ONLY on the blog.

Buffer Blog1


Target, on the other hand, has taken a different approach. They’ve used multiple spots online to update and refer people. They’ve used their BullseyeView blog, pages on and even their online media room. I’m not sure Target’s approach is “wrong” in any way, but I certainly thought Buffer’s approach of posting all news and information about the crisis in one spot worked awfully well.


Does a CEO on Twitter help you during a crisis?


Buffer apology tweet1

Joel Gasciogne, CEO of Buffer, leads a start-up of less than 20 employees. Gregg Steinhafel, CEO of Target, leads a team of 361,000 staff. So, there’s no doubt the two live in vastly differently worlds. And, they undoubtedly also face vastly different pressures (Target is a publicly-traded company, for example, which brings all sorts of issues to the table). And, in crisis situations, they both show up much differently online. Joel was out in front of the Buffer hack from the get-go, often times using his personal Twitter account to respond to users. He signed off on emails and Facebook posts. He was taking responsibility.

Mr. Steinhafel, not surprisingly, has no Twitter account. I say “not surprisingly” because there aren’t many Fortune 100 company CEOs who do have a Twitter account. And, I’m not necessarily sure that’s not such a bad idea. But, that does limit Target’s opportunities in a situation like this. You can see them trying, with the short videos of Mr. Steinhafel in his initial blog post on Bullseye View. But ultimately, I’m not sure those work quite the same way as Gasciognie’s responses on Twitter and Facebook. Not sure there’s much Target could have done here, but I thought it was worth pointing out the effect an authentic, nimble and responsive CEO had using online channels in a crisis situation.


Update your audiences–frequently

This is where Buffer really excelled–and it’s a crisis communications 101-type issue. Update your audiences–frequently–during tough times. It may not always feel right–heck, most companies seem to think crisis situations will go away on their own. But, for Buffer that meant hourly (if not more frequent) updates around what was happening and why. If you were a Buffer user during the hack, one thing you could NOT complain about was a lack of information.

Buffer Blog2


Buffer Blog3


Target seems to be doing a pretty solid job here as well. Updating people on new news and information. They’ve been updating their Facebook page regularly, with updates, FAQs and additional links to even more information (and responding and chiming in often in the comments of those posts with facts and information). They’re responding to questions and inquiries on Twitter–at least as much as they can from what I can tell. From all accounts, they seem to be updating folks as often as they can, too.

Target Twitter CEO message responses 12.21

Bottom line: Just solve the problem

Buffer FB2

The bottom line in crisis like these is often quite simple: Solve the problem. In Buffer’s case, they managed to fix the hack by the end of the weekend (less than 48 hours by my count). In the meantime, they kept people up-to-date via email, Facebook, Twitter and their blog–all channels they knew their customers were using. Target, unfortunately, is still trying to fix its problem. Granted, Target’s problem is much more complicated than Buffer’s, so we’ll have to see how the next week or so plays out to see if/how Target resolves it.

Thanks for installing the Bottom of every post plugin by Corey Salzano. Contact me if you need custom WordPress plugins or website design.

Leave a Reply

Your email address will not be published.Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>


6 comments on “Target vs. Buffer: Crisis communications lessons from two different approaches

  1. rothjg says:

    I think this is a bit of an unfair comparison, and you’ve acknowledged that too in the above. Buffer, as a smaller company, has a lot more agility when it comes to social media. Less stakeholders, easier to come to a consensus on messaging and, because they are smaller, less open to litigation. People tend to target (pun not intended) large companies like Target with litigation because they a. feel the company can afford it and b. usually the company will pay a settlement instead of going to court. This makes large companies extremely sensitive to what’s going out on their social pages.

    Is Target knocking it out of the park in terms of social media response? Heck no. But I think they’re doing the best they can given the circumstances. A couple of things they definitely could have improved on: Responding in less than 24 hours (absolutely this is KEY in driving the narrative. If you don’t someone else will), having a single point of reference for updates on the situation and not posting that “Break in case of emergency” Facebook post. Someone should have had the foresight to recognize that was not going to play well given the situation. 

    Great article overall, but would have definitely liked to have seen a more even comparison. Given another Fortune 100 company to compare to, Target would probably come out on top.

  2. @corinamanea says:

    Hi Arik,
    Great post. I agree with rothjg that the comparison is not quite even, but I must add that Fortune 100 companies should learn from small companies how to react on social media. I understand there are stakeholders involved, policies, etc, but sometimes a sincere response and an apology make all the difference. 
    However, I like the fact that you compared a Fortune 100 company and a start-up, because it can help the first one to learn or at least see a different approach to more or less similar crisis.

  3. arikhanson says:

    rothjg No question, this is not apples to apples. I just thought it was interesting to note what a big company with the resources Target has at its disposal can learn from a small little company like Buffer when it comes to crisis comms. I’m with you–I think overall, Target is doing a fine job. They’ve made a couple questionable decisions, but many times that involves factors outside PR’s purview, so I sympathize with my colleagues at Target HQ 😉

  4. arikhanson says:

    @corinamanea rothjg Big organizations can learn a ton from smaller companies–in many ways outside crisis comms. But, as noted below, legal and risk are usually driving the bus on these types of things…

  5. kmskala says:

    A more relevant comparison — Dominos. They were timely, personable and accountable. Target is botching this left and right. Unfortunately, it will have little impact on sales.