The list of big name tech companies experiencing data breaches continues to grow. There is something troubling about the way Google sought to avoid disclosing the breach, in fear of scrutiny and regulation. When a breach happens, a company should focus first and foremost on the impact of its users. The concerns for reputation should come after it address the breach, implement fixes, and handles user exposures.
The focus on protecting its own reputation through secrecy is quite troubling. Big tech companies generally have a reputation of being an agent of positive social good. But, this kind of brings perspective that maybe big tech companies are like all other ones. When trouble hits, their leaders focus on the institutional reputation over the impacted consumer base.
This is a generalization, as some tech companies handled breaches appropriately. Facebook, who had a much larger and significant breach, proactively took steps to ensure data protection was increased following exposing 50 million users. Facebook did not hide the breach, but focused on its actions to address it.
Google is not a bad company, but this is a bit shady. After skipping a Congressional hearing on internet security, this does not certainly does not help.