What does a dating app and a global software company have in common? Both were in the headlines recently, but for all the wrong reasons.
Tea, a rapidly growing dating platform, suffered a catastrophic security breach when hackers leaked more than 72,000 images – including selfies, government IDs, and private post photos. The blow worsened days later when a second breach exposed over 1.1 million private messages, revealing real names, phone numbers, and linked social media accounts.
The communications response? Initially, silence.
Tea’s social media channels went dark in the crucial first 48 hours, fueling anger, speculation, and the perception of evasiveness. Only after public outcry mounted did the company confirm the incidents, disable its direct messaging system, and announce that it was working with cybersecurity experts and law enforcement. By then, the damage was reputational as much as technical – users felt betrayed by a platform that had marketed itself as a safe, private space.
Microsoft, meanwhile, faced its own crisis when cybersecurity researchers disclosed that a Chinese-linked threat group had exploited a zero-day vulnerability in SharePoint, infiltrating multiple industry systems.
Within days of the disclosure, Microsoft issued emergency patches and launched a coordinated crisis communications effort. Updates were pushed through its official blog, security advisories, and the Microsoft 365 Status account on X (formerly Twitter), with clear, actionable guidance for customers on identifying compromise and applying fixes. The messaging was consistent, transparent, and reinforced the urgency of immediate action.
Two breaches. Two very different playbooks.
In today’s cyber environment, the question isn’t if you’ll face a security incident – it’s when. When disaster strikes, the first 24 hours are critical:
Assess whether the incident is a true crisis.
Align leadership on a unified strategy.
Decide if and when to bring in external experts.
Communicate early, often, and with substance, not spin.
We unpacked these lessons in our recent webinar on crisis communications leadership in a data breach, covering how to:
Contain reputational damage quickly.
Communicate effectively with customers, partners, and employees.
Build strong pre-incident relationships with government and regulators.
You can watch the entire webinar here.
Don’t wait for a crisis to plan your response. Preparation and practice are the only ways to ensure your organization is ready.
