Customer Support: Handling Sensitive Questions with Care

Written by Ian Landsman · 02.12.2021

In last week’s Thoughts post, we shared a story of a great customer service experience.

This week’s story is a little bit different.

It’s one of those support anecdotes that makes you sigh and say, “Oh, dear” (or switch out dear with some stronger language I can’t replicate here).

Let’s break this story down step by step, and learn from it.

A security concern is raised, and an individual reaches out for company comment. T-Mobile Austria responds to confirm they do store passwords in a way that may not be particularly secure (I could write a post on why this in and of itself is poor customer service, but I digress).

When the individual objects to the company’s response and asks if the development team will seek to address this in the future, another T-Mobile Austria representative responds.

Oh, dear.

Whatever the topic of the inquiry, saying “I really do not get why this is a problem” is never the way to respond. An individual’s concern (whether you think it’s a justifiable concern or not) should never be subject to a belittling response from your support rep.

But it’s not over yet.


Oh, NO.

The quick response of many was essentially to ask, “What if you’ve just dared every internet hacker to attempt to breach your security to prove it isn’t ‘amazingly good’?”

Eric and Käthe go back and forth for a while longer — and it doesn’t get better.


It’s important to note this wasn’t just a conversation between a few people. You can find dozens of individuals weighing in by viewing the full conversation on Twitter.

Here’s Verizon stepping into dangerous waters to offer an alternative.

This thread discussed who at T-Mobile Austria is most at-fault (and does Käthe deserve the backlash for her company’s security practices?).


Okay. Let’s learn from this, so it never, ever happens at our own companies. Here are three quick takeaways.

Train your support team to know when a sensitive inquiry should be escalated.

As soon as the original question was raised, the IT team, CIO, or whomever is in charge of security could have been brought in for consultation and sign-off of any security-focused tweets. Security breaches are a tremendous threat to companies, and they’re occurring at an increasingly-frequent rate. This is NOT a topic that should be single-handedly managed by a customer service representative.

While your representatives are tasked with solving problems and responding to a variety of issues, let them know it’s okay to escalate inquiries they believe are of a particularly sensitive nature.

Train your support team to know when and how to stop the public conversation.

Tone of the T-Mobile Austria tweets aside, a key factor that made this situation get such attention was that it just… kept… going.

You may have the most pleasant and professional customer service representatives, but there are some conversations that just aren’t going to be wrapped up with a pretty bow. For example, the customer is angry and you just won’t be able to change their outlook on your company or product; alternatively, you simply may not be equipped to provide an answer that’s going to fully satisfy them.

Do a workshop with your customer support team that 1) focuses on how to publicly acknowledge questions and proceed to transition the conversation offline, and 2) trains them on writing responses that help to end the conversation more quickly than not.

For instance:

Hi (name), thanks for your inquiry. We assure you we prioritize our customers’ security and protecting their private information. As a matter of practice, we do not comment on the specifics of our security measures in public forums.”

You may still be pressed for more answers, but you’ve set expectations early that you won’t be fulling diving into the details publicly.

Train your support team on tone and making promises.

Security concerns and a challenging attitude? This was a double-whammy of dangerous customer service territory.

The tone in which customer service representatives communicate is critical. It can make or break any experience and the impression your brand leaves. For more of our thoughts on tone, check out our blog post, “Understanding ‘Tone’ and Its Impact on Conversations.”

And lastly… about those promises.

Companies are hardly immune to security breaches, even when they’re following the best security practices. The promise of breaches not happening because of untouchable, perfect, “amazingly good” security was dangerous, because, unfortunately, this company (like all others) remain at-risk. A breach may happen.

And if it does, you want people to point to the record of you having done your best to protect your customers.

You don’t want to be on the record making false promises.

Image of Ian Landsman
Ian Landsman
Ian founded HelpSpot in 2005 with the goal of making every interaction with your customers simple and efficient.
Case study logo or photo

We trust HelpSpot with our most important communication—and they've made a huge difference to our business.

Teagan West, Customer Service Manager

The Silent Partner

Your customer service at scale
Amplify your support with HelpSpot: the streamlined
solution for scaling customer service effortlessly