What the AT&T outage can teach organizations about customer communications and IT best practices

On February 22, more than 73,000 AT&T customers in the US reported a network outage lasting more than eight hours. According to the AP report, AT&T responded immediately and suggested customers to use Wi-Fi calling. The same day, AT&T reassured customers that the outage was not the result of a cyber attack but a technical error.

The company’s response to this widespread disruption offers lessons for organizations about how to communicate with internal and external stakeholders during and after a crisis, and how to prepare for potential technological disruptions that could become major business disruptors.

What caused the AT&T outage?

On February 22, AT&T wrote, “Based on our initial review, we believe today’s outage was caused by the incorrect application and execution of a process we were using when expanding our network, and not a cyberattack.”

AT&T spoke with the Cybersecurity and Infrastructure Communications Agency, the Federal Communications Commission, the Department of Homeland Security, and the Federal Bureau of Investigation about the outage, which sparked some rumors of a possible cyberattack. Communications is defined as a critical function by CISA.

See: CISA and IBM collaborated on a new cybersecurity certification curriculum. (TechRepublic)

AT&T’s response to the outage shows effective communication

On February 22nd, AT&T quickly informed customers through its social media mobile apps, website, and virtual assistants about what had happened and why. When the information became available, AT&T informed all stakeholders that the outage was not caused by a malicious actor. AT&T notified its individual customers, business customers, and employees at the same time in this public letter written by CEO John Stankey on February 25th.

Individual customers and small business customers affected by the outage are eligible for a $5 credit, possibly in the next billing cycle. Business customers are invited to discuss the situation: “We are working closely with our mid-market and enterprise customers and will address their concerns during discussions,” according to Stankey’s letter.

Stankey explained the rationale for the exact amount of the credit (“For this reason, I believe giving those customers credit for essentially a full day of service is the right thing to do.”) and apologized for the inconvenience. This transparency can help minimize the damage that may result from lost trust from customers in the wake of an organization-wide incident.

AT&T told TechRepublic that AT&T’s communications, marketing, product, and operations teams worked together to share facts and updates. These teams also kept customer service and retail teams updated in case of customer calls and store visits related to the outage.

“Speed ​​is everything in times of crisis,” AT&T spokesman Jim Greer said in an email to TechRepublic. “We’ve tried to put customers first and worked quickly to get answers to employees, investors, and regulators about the rapidly evolving situation.”

What specifically can IT learn from the AT&T outage?

Human error happens to even the best of us. PEBCAK – “Problem exists between chair and keyboard” – is an established acronym. Whatever went wrong in a network upgrade seems to be part of the normal order of business.

The AT&T outage emphasizes the importance of testing backups, redundant systems, and emergency preparedness plans. For cell carriers, alternative channels like Wi-Fi calling, satellite service, or carrier-agnostic SIMs can be good backups in an emergency. These actions provide reassurance to customers as well as practical solutions. In addition, the AT&T outage is a good reminder to report incidents to the proper agencies.

See: Carrier-agnostic SIM cards among highlights at this year’s Mobile World Congress. (TechRepublic)

Keeping software up to date and generally modernizing technology is critical to maintaining organizations’ overall security and resiliency, but disruptions like this emphasize the role IT and CISOs can play in communicating well to external and internal stakeholders during an unexpected event. IT and cybersecurity leaders must ensure their software supply chain practices are up to date in case of cascading problems or down-the-chain vulnerabilities, even if no malicious intent is involved.

Even if IT leaders don’t communicate directly with customers, they should still have well-established channels of responsibility within their department so they can respond to and publicize problems that affect many customers.