Crisis in the Dark: Why it is so Important to be Prepared (Part 3)
Don Goldberg
In this article, I wanted to get away from natural disasters and structural collapse. To some degree, those are out of executives’ hands, at least when it comes to when or how a crisis might strike. So here are major crises identified by ChatGPT from the past five years that did not involve natural disasters […]
In this article, I wanted to get away from natural disasters and structural collapse. To some degree, those are out of executives’ hands, at least when it comes to when or how a crisis might strike. So here are major crises identified by ChatGPT from the past five years that did not involve natural disasters or structural collapses, and where the organizations involved were largely unknown to the public before the crisis—yet clearly unprepared for it:
Archegos Capital Management Collapse (2021)
What happened: Archegos, a private family office, imploded after massive leveraged bets went sour, triggering over $10 billion in losses across major global banks.
Why they were unprepared: For one, it had extreme leverage hidden through complex derivatives, never a good business practice. In addition, it had no realistic stress testing for rapid market moves. And from a crisis management perspective, they had no communications or containment plan once margin calls hit.
The result: A lot of unhappy investors. Immediate liquidation, investigations, and severe damage to counterparties. Archegos was obscure by design—and had no capacity to manage the visibility or velocity of failure once it began.
Synapse Financial Technologies Bankruptcy & Account Freeze (2024)
What happened: Synapse, a behind-the-scenes fintech providing banking infrastructure to startups, collapsed into bankruptcy, freezing access to thousands of customer accounts across multiple apps.
Why they were unprepared: On the technical side, they had poor reconciliation between partner banks and fintech clients, and no credible wind-down or customer-protection plan. More importantly from a crisis management standpoint, its confused, delayed communications left end users in the dark.
The result: Consumers couldn’t access their own money for weeks or months. In retrospect, Synapse was systemically important without realizing it, and entirely unready for a public-facing crisis.
Progress Software MOVEit Transfer Data Breach (2023)
What happened: A zero-day vulnerability in Progress’s MOVEit file-transfer product was exploited, leading to mass data breaches across governments, universities, and corporations worldwide.
Why they were unprepared: A single product flaw cascaded across thousands of customers. Yet its initial disclosures underestimated the scope and impact. And the cardinal sin: customers, not the company, drove much of the crisis response.
The result: Widespread regulatory scrutiny and lawsuits. Progress was a known B2B vendor—but not prepared for the reputational consequences of being a global failure point.
All three of these organizations operated out of public view yet sat at critical junctions of financial or data risk. Their failures weren’t sudden accidents; they reflected a lack of imagination about how quickly obscurity can turn into exposure—and how unforgiving that transition can be.
And like the crises detailed in the first two parts of this series, they utterly failed to do the one obvious assignment before disaster struck: get prepared. Developing effective communications systems to customers, investors, residents, regulators, and the media at large would have mitigated the reputational crises that each of these events resulted in. Of course, you can’t stop every disaster before it happens, but you can develop both obvious and not-so-obvious scenarios, put proven systems in place ahead of time, and regularly practice against those scenarios.
