This Heartbleed thing has my panties in a bunch.
As a writer, I’m a fan of good communication, and I cannot for the life of me understand why I haven’t received the slightest notification from the companies I deal with who have been affected by Heartbleed. I’m talking to you in particular, Google. I have three gmail addresses: one accidental, one because Verizon made me do it, and one for my writerly things. But none of those addresses has contained a note from my provider.
Problem is, Google can ignore its users. It’s not like there’s going to be a mass exodus from Gmail. The number of Gmail addresses worldwide is huge. In June of 2012, Google announced Gmail had 425 million monthly active users. Google houses about 13 % of the world’s email addresses, and while that may not sound like a lot, when one company controls that much real estate in cyber-space, they’re pretty much an empire. With one short and informative email, Google could notify more than 425 million users, “Hey, there’s this Heartbleed thing. Our secure servers have a hole. But DON’T DO ANYTHING YET. We have to fix the hole first, then we’ll let you know when it’s safe to change your password. We owe it to you for unwittingly being party to threatening your security.” They don’t even have to take any blame.
But emperors don’t do such things.
Instead we get…silence. Not even crickets. Just…nothing.
Google and all the others can tell themselves everyone’s heard about Heartbleed from their local nightly news, or on various websites that have been getting this story out—Thank you Mashable!—or around the water cooler at the office They can say Ah, we’d just be bothering our customers, or decide it’s up to the customers to inform themselves, or fret that they shouldn’t say anything until they have a solution in place.
I’ll tell you though, the ostrich approach to customer service rarely works, folks. Just ask Target. As a user, what the failure to communicate does is remind me that my interactions with the companies who claim to want me as a customer are one way streets. Google can put ads on the baby videos I post on YouTube, they can cruise my email contacts and spam me to expand my Google+ interactions, but tell me about a problem that affects my cyber-security? No, that won’t happen.
I suppose it’s good for me, then, this Heartbleed. Bumps me out of my naiveté. Makes me do some thinking about who I really want to be doing business with. It is my choice, after all.
But because Google houses so many of the world’s email addresses, and because it bills itself as forward thinking, I feel especially scornful toward their customer disservice. Still, they’re far from the only culprit. I haven’t heard from Facebook or Twitter either, nor a bank I use, nor Yahoo, Turbo Tax or you, WordPress.
An honest email saying “We’re aware of it, we’re assessing our vulnerability and we’ll keep you posted.” would go a long way toward maintaining customer loyalty. Google tells Mashable its customers don’t need to change passwords but better safe than sorry. Huh. Guess they couldn’t tell me themselves.
If you can search my contact list, you know where I am, Google. Drop me a note some day, would ya? I’d love to hear from you.