A marketing agency was asked by a small and exclusive hotel chain with a growing portfolio of properties to help launch its latest upmarket destination.
Nice work if you can get it.
The hotel and its luxury spa had been photographed from every possible flattering angle. A range of launch events had been scheduled and a lavish brochure produced, to be posted to a selection of clients and emailed to others.
So far, so good. The brochure looked suitably glitzy and had been signed off by the client. Now to wow the public with it.
Which is when things went unexpectedly wrong.
The account manager responsible for emailing the brochure to the carefully prepared target list had been working endless hours to get it finished on time.
That meant he was feeling a little less than fully alert as he pressed ‘send’ on the email campaign.
And it perhaps helps to explain why, instead of attaching the brochure to the email, he instead attached the spreadsheet of over 4,000 target names – containing not only email addresses, but also actual addresses, as well as telephone numbers and other personal information.
Oh dear. That’s a mistake that constitutes a data breach – something the Information Commissioner’s Office (ICO) takes a dim view of.
Just as well, then, that the marketing agency had cyber insurance in place to help limit the damage. Because the hotel chain’s head office quickly started logging complaint calls from people worried and/or angry their private details had been made public.
How cyber insurance helped
- With complaint volumes rising, it provided an experienced team to contact everyone on the list, to let them know about the data breach if they didn’t already, and to help smooth things over. Cost: £1,750.
- It paid for a legal expert to inform the ICO of the data breach, liaise with their officials and provide all the details. It also paid for the costs of the regulatory investigation once the ICO decided to take things further, and it also covered the eventual fine. Cost: £8,500.
- Reputations were taking a battering once the press got hold of the story – both the hotel chain’s and the marketing agency’s – but the PR expertise the insurance paid for helped to contain the crisis. Cost: £3,500 for one month.
Total cost: £13,750.
That’s a pretty serious and costly chain of events from such an innocent mistake.
All’s well that ends well
But just imagine how much worse it could have been.
The agency was extremely lucky none of the people on the list claimed against them for breach of confidentiality.
The running total would’ve been a lot more, taking into account legal costs and damages. Not to mention how time-consuming it would have been, trying to keep on top of things.
As it was, the marketing agency weathered the storm and continued on. And the account manager who pressed the fateful button always now double-checks before hitting ‘send’ – especially if he hasn’t managed to get much sleep the night before.
Cyber insurance for marketing agencies starts from just £9.24 a month.