Max Credit Union, a well-known credit union with more than a dozen locations in the Montgomery, Alabama area, recently found themselves in hot water due to a serious security violation. A member’s name and personal information, including account balance was posted on Facebook. From the perspective of a finance professional it may seem that such a problem is impossible, however we are seeing this happen more and more frequently with the increased use of social media.
How Security Breaches Happen
According to an article from the Montgomery Adviser, posts began to appear on Max’s company Facebook page stating that specific information about a customer and their account balance was being posted elsewhere on Facebook. Max continued to receive complaints for several days, both from the alleged victim and other Max credit union members that expressed concern about the safety of their financial information.
According to the company, the security breach came internally from an employee and per its investigation policy, the employee was placed on leave. Max released a statement reassuring their members they were taking the claims seriously and were in the process of collecting and analyzing all the evidence in conjunction with law enforcement authorities. Additionally, Max reassured credit union members that they would take the appropriate action after they had gathered all of the pertinent information relating to the breach.
It is still unknown why the employee posted customer information to Facebook. The intentional or unintentional posting of customer information online is just one of the many potential security hazards that regulated industries face.
The Effects of Security Breaches
The initial problem faced by Max is damage to their reputation. A spokesperson for the credit union reminded customers that it spent years building a good reputation with its members and they are still dedicated to providing exceptional service to them. In situation like this, years of reputation building can disappear in a matter of hours when customer security is breached.
Aside from reputation, companies within the financial services industry must comply with regulations put in place by federal regulatory bodies. These regulatory bodies ensure all companies within the financial services industry are not violating compliance guidelines through their posts on social media and in turn, always protecting the customers’ privacy. For social media in particular, companies are required to keep an archive of all social media posts as well as identify and remediate all posted content that violates corporate or industry regulations.
How to Prevent Security Breaches
There are countless IT security measures such as virus filters, URL filtering, and other governance risk compliance technologies that are designed to protect companies, customers, and their sensitive information from harm, however these tools often do not apply to the use of social media platforms. A social media compliance solution is essential in order for companies to prevent risky posts on social media sites such as Facebook.
Social SafeGuard is a comprehensive solution that not only monitors and analyzes all social media posts but also takes action and archives any posts that could be a compliance violation. Once a post is identified as a policy violation, Social SafeGuard provides the option to remove the risky post from the social media network either automatically or manually. The company’s compliance officer is then able to review these violations and decide whether or not to release the post from quarantine depending on the level of risk.
In addition to protecting corporate and individual social media accounts, Social SafeGuard can be used to search all public posts on any social network which will help identify negative information that is being posted about a company by others. This capability can also help to uncover rogue employee accounts where a company’s security may have been breached.
Don’t allow a single Facebook post to jeopardize the reputation that your company has spent years building. For more information, please contact Social SafeGuard to speak with one of our compliance experts.