There was a dust up on Twitter today about Blippy, the online service that people use to announce their purchases to the world (My Blippy account). I saw it first this morning on a Venturebeat blog post. Apparently, some smart person found out that a specific type of search would churn up Blippy results with credit card numbers in them. Of course, this caused hysteria, lashing out and loss of trust in the service.
Things looked bad — real bad. After conducting my own search, I was surprised to see page after page of results, all with credit card numbers in them. This was enough to set the lynch mob that is Twitter into motion. It wasn’t long before Philip Kaplan responded with a detailed account of what had gone wrong. To my amazement, of the pages upon pages of search results, only four credit card numbers were actually listed.
Don’t get me wrong, that really sucks for those four people. But it was far from a massive breach of the Blippy credit card number database. Still, Blippy had quite a PR nightmare on its hands. For a service completely built on the trust people have in sharing their financial information with it, everything seems to have been lost. After news broke of credit card numbers in Google results, who would trust Blippy again?
I saw tweets left on right all morning from angry users who were closing their Blippy accounts, even after Kaplan’s explanation of the small, contained problem.
This demonstrates what all too many companies don’t appreciate — your most valuable asset is your customer’s trust.
What, if anything, can Blippy do to regain users’ trust? The Next Web advocates giving Blippy another chance by doing the following:
… publicly remunerate the people who had their information leaked, redouble security efforts, and make plain hopefully through a high-profile new hire that security is at the very core of the Blippy product.
What do you think? Can Blippy regain the trust it lost today? If so, how should it go about doing so?