Online retailer THE ICONIC has committed to refunding customers who were charged large sums for fraudulent orders after complaints from dozens of Aussies.
Fuming consumers took to THE ICONIC‘s Facebook page yesterday in frustration over the alleged hacking. Some complained that more than $1000 had been removed from their accounts.
A spokesperson for THE ICONIC was quick to respond, offering refunds on all successful fraudulent orders that had been dispatched and cancelling all that had not yet been sent.
The fashion retailer said that the incidents were not the result of a data breach. The retailer noted an increase in fraudulent account log-in attempts. The customers appear to have fallen victim to “credential stuffing,” a type of hack where previously exposed email and password combinations are used to access accounts on other websites.
“Our teams are also proactively intercepting unauthorised access attempts and cancelling any fraudulent orders made, in addition to providing customers with full refunds for any successful orders made that have been dispatched,” the spokesperson said.
The speedy response from THE ICONIC is but another example of how brands can effectively handle what could conceivably be a PR nightmare. The response is calling back into question the response of Optus once again during their outage last year. The outage lasted for 12 hours and left 10 million Australians without coverage.
Optus’ CEO, Kelly Bayer Rosmarin, was widely criticised for not being transparent with customers during the crisis, which saw not just mobile services but also eftpos services and 000 lines shut down, and for not reacting quickly enough. At the time, Bayer Rosmarin told a Senate inquiry looking into the outage that it would have been “unusual” for her, as the CEO, to be public-facing during the crisis. Bayer Rosmarin later resigned from her position within the company.
A month later, Westpac showed Optus how it was done when their system went down, leaving customers unable to access their bank accounts online for around 8 hours. The bank began posting regular updates on X (you may know it better as Twitter) around 9 pm AEDT on December 4th through to around 5.15 am the following day when the problem was resolved. The bank acknowledged the failure in its service and profusely apologised to customers.
Australians seem to be locked in a constant battle to protect their information online, with a notable increase in scams emerging and a string of data breaches. A recent report into scams found that reported losses increased to at least $3.1bn in 2022, representing an 80% increase from just a year earlier.
With such an increase, Australians are being urged to be more vigilant while brands strengthen their crisis communications to ensure effective communication and quick response time when the unthinkable happens.