“Aw crap,” I muttered as I looked at my inbox a few weekends ago and saw an email from Buffer CEO Joel Gascoigne with the subject line “Buffer has been hacked — here is what’s going on”.
We rely on Buffer to handle all the iDoneThis social media accounts, so I braced myself for all sorts of toil and trouble as I clicked on the email. It began:
I wanted to get in touch to apologize for the awful experience we’ve caused many of you on your weekend. Buffer was hacked around 1 hour ago, and many of you may have experienced spam posts sent from you via Buffer. I can only understand how angry and disappointed you must be right now….
Fortunately we hadn’t been affected, but I continued to follow updates as they unfolded. Throughout, Buffer was transparent, responsive, and reassuring. They disclosed, accepted responsibility and apologized for the security breach. They communicated not just what they knew but gave us a heads up about their next steps and guidance on what we could do to protect our accounts in the meantime. They also continued posting updates and answering everyone’s questions while resolving the problem.