'Twas the nightmare before Christmas. Apologies to Hollywood director Tim Burton, but VTech's current public-relations disaster is one of the scariest holiday marketing tales of all time.
The toy seller is reeling after learning that hackers gained access to data for about 6.4 million profiles belonging to kids. Email addresses, passwords, mailing addresses and children's photos were reportedly compromised, and nearly 5 million parents' accounts were broken into, with 2.2 million of them belonging to American moms and dads. Additional details have emerged every day on the extent of the malicious attack since the story broke on Nov. 27.
So we asked marketers and consultants: What should VTech do? Here are five expert recommendations that we rounded up.
1. Cease holidays advertising.
Matt Nitzberg, chief growth officer for ThinkVine, said that while it may be painful for VTech to pull campaigns during the holidays, it's the right move. "It's likely that parents' concerns would render advertising at this time unproductive, if not downright offensive," he said. "Unless they can repurpose their advertising to describe a concrete remedy—such as how to defeat hackers, or how to get an improved replacement product, etc.—they need to go dark. This is about protecting your brand for the long term rather than trying to maximize sales in the short term."
2. Counter with a free security offer for customers.
The brand should offer its customers several years of complimentary identity protection from a company such as LifeLock and IdentityGuard, said Rich Guest, president of Tribal. He stated that "consumers have to be able to trust that brands will do everything possible to protect personally identifiable data."
3. Own the crisis by announcing plans to improve data security.
Guest said that VTech should then begin upgrading—very publicly—its network security to make consumers feel safe about their data again.
"Hacking, malicious or otherwise, is a part of our digital culture that isn't going away," Guest said. "And no server is safe from hackers."
4. Create a sub-brand for children's products.
Adam Padilla, president of BrandFire, said VTech should follow Philips' example, citing how the Dutch technology giant created a sub brand called Avent for its baby-products vertical.
"It is a smart move for a company like VTech to create a new sub brand for their children's line of products that has a new security policy," Padilla commented. "My daughter plays with a VTech touch-and-swipe baby phone, and if there is a damaged reputation in that space, a new brand name and identity as a more kid friendly and safe option could make an impact."
5. Show big-time urgency and transparency.
The company must act as forthrightly as possible, said Jonathan Halata, managing director at consultancy Real.
"[It] has caused consumers to question the safety of something as innocent as a toy," he said. "The company needs to act with a sense of urgency and transparency to start earning back the trust of its consumers. VTech is not selling just a product or a service but also the reassurance of security and privacy."