Customer Service Lessons from CPVLab Security Breach


Share on LinkedIn

I have been a keynote speaker at a number of events. While I typically focus on the theory of customer service and marketing practices, sometimes I feel that the best approach is to use a real-life example. I encountered one recently after talking to some colleagues about the downfall of CPVLab.

CPVLab is a marketing analytics platform that was founded in 2010. It had a fantastic reputation in the affiliate marketing industry. A recent security breach and customer service fiasco ruined its reputation forever.

customer service lessons

Part of the problem was that the company didn’t prepare for a recent scandal from a rogue employee and hacker. Part of the problem was that the company didn’t prepare for this possibility. However, the ultimate problem was that the customer service response was so poor. Customers posted angry messages about it on the Warrior Forum and other sites.

Here is an overview of this problem and some lessons that customer service professionals can take from it.

CPVLab was hacked by a former employee

A couple of months ago, many people tried using the analytics platform that they had depended on for the past eight years. They were unable to access the interface. The problem was that their platform needed to connect with the CPVLab license server to login.

A former employee decided to go rogue. He hacked the license server to deny paying customers access to the service. While this didn’t make the list of the top 5 security breaches, it was pretty heinous. He then sent a fraudulent email to customers, pretending that he was still a member of the company. He said that the server was unfortunately reaching capacity before expected, so customers needed to pay for an upgraded license with a new server. He was trying to get people to purchase a cloned product that had no affiliation with his former employer, although he was using their trademark and technology.

Customer service team drop the ball

As you can imagine, customers were furious. They had paid a lot of money to use this service. They didn’t like being cut off from the platform that they had paid for. They also weren’t at all keen on the thought of paying another fee for the service that had already been contractually guaranteed to them.

Numerous customers began filing complaints. Unfortunately, the customer service team was not very responsive. Customers said that they used to do a great job responding to concerns. Unfortunately, their complaints didn’t get responded to for over a couple of weeks.

There is a rumor that the owner of the company had been out sick for a while. Apparently, nobody had a backup plan to resolve problems like this in his absence. As a result, they didn’t have a plan to address this huge dilemma. Customers were not offered refunds for their services.

Lessons for customer service professionals

Customer service professionals should use this as a case study. Learning from the mistakes CPVLab made here can make the difference between whether or not your company survives.

Have a customer service contingency plan for potential disasters

This company clearly never expected that their employee would turn on them like this and sabotage their product. However, they should have foreseen that there might be a technical problem that they wouldn’t be prepared for.

Your customer service team should prepare for such a possibility. You may not know what problems you will encounter. However, you can at least have some quick solutions to help address them. Offering credits or a grace period without charging for new subscriptions could be a good idea.

Properly respond to all concerns

When CPVLab failed to respond to customer concerns, they sent the message that they had no idea how to a deal with the problem. It sounded like they just wanted their paying customers to go away.

This is the worst mistake imaginable. Always respond to customer concerns right away. Even if you don’t have a solution offhand, at least you can tell customers that you are working on one.

Delegate decision making authority to someone in the event of a crisis

One of the problems in this scenario was that the company owner had been sick for a while. He didn’t delegate authority to anybody while he was away. This meant that nobody knew what authority they had to solve the problem. You should always consider the possibility that something could happen to a key decision-maker. Make sure there is somebody else in the organization that can take over in this situation.

Featured Image from Shutterstock

Ryan Kh
I'm Ryan, a serial entrepreneur and technologist. My unique skillset and open-minded approach to business has generated more than $3 million in revenue across his portfolio of tech startups with improving their Customer support & branding.


Please use comments to add value to the discussion. Maximum one link to an educational blog post or article. We will NOT PUBLISH brief comments like "good post," comments that mainly promote links, or comments with links to companies, products, or services.

Please enter your comment!
Please enter your name here