It’s another week – and there are more people who should know better who have now got egg all over their faces!
This time round, it’s the flaws in a financial management tool designed to track and monitor customer spending habits that has left bosses at Mint.com needing to placate a growing number of their online users.
Mint.com’s problems with email security – and its subsequent problems in managing customer concerns – have been well documented in recent days. For those that don’t know the story, Mint.com sent 11 million blank emails to four million customers on 12 October
2010. These customers use the fee-free website to help them manage their financial affairs. A key requirement of Mint.com is that all customers provide their up-to-date bank account information, which is protected by the website’s online security systems.
What has turned this issue into a problem Mint.com is the lack of empathy it displayed when responding to customers who feared their financial data may have been hacked into as part of a targeted cyber attack. Rather than reassure customers, Mint.com attempted
to brush-off people with the vaguest of explanations – which left many users bemused and unhappy.
It’s easy to understand why customers have got themselves into such a lather. For the official public relations response was something along the lines that this was a testing error caused by an employee, who simply ticked the wrong box on a computer application
– and then sent an email out!
I have a few questions of my own on this matter: firstly, why was Mint.com ‘testing’ with live customer data? Secondly, where are the safeguards in Mint’s internal systems that are supposed to prevent this kind of thing from happening?
I don’t honestly expect to get an answer to these questions. After all, if they won’t tell their end-users what has really happened, they’re hardly likely to tell me!
But in the final analysis, let’s hope this is a lucky escape for all concerned – including Mint.com. But as the website clearly doesn’t know what its done, we cannot be sure as to the potential extent of the problem until more facts come to light.
If Mint had protected the content of their email – this would be a minor issue, regardless of whether data has been lost or not. Mint may turn around and say no data has been lost, but what's to stop an employee accidently clicking something important next
time, if indeed they haven’t already?
To read the full article about the problems experienced by Mint.com, please visit: