Skip to main content

Target CEO resigns in the fallout of massive data breach

target in 67m settlement with visa over massive 2013 hack exterior
Target

Mentioned within a post on the official Target pressroom earlier today, Target CEO Gregg Steinhafel has resigned as of today after spending 35 years at the company, six of which were as the CEO. Steinhafel’s resignation has been specifically attributed to the massive credit card data breach that’s potentially impacting more than 100 million Target customers. Taking over for Steinhafel during the interim, Target chief financial officer John Mulligan is taking over as the interim president and chief executive officer while a search is ongoing for a permanent replacement.

With early estimates in the 40 million range, the impact of the data breach has tripled in size with analysts estimating between 110 and 130 million accounts could be at risk. Using a form of malware, hackers were able to gain access to Target’s point-of-sale system and pull credit card information for a couple weeks without being noticed. After the breach in security, Target encouraged customers to work with credit card companies to change card numbers and offered 1-year of free credit monitoring from Experian to anyone that was impacted by the security lapse as an apology. 

Target Red CardSpeaking about the data breach in his resignation letter, Steinhafel said “From the beginning, I have been committed to ensuring Target emerges from the data breach a better company…We have already begun taking a number of steps to further enhance data security, putting the right people, processes, and systems in place. With several key milestones behind us, now is the right time for new leadership at Target.”

One of these steps includes hiring Bob DeRodes as the company’s new chief information officer. With a background that includes consulting work at Department of Homeland Security and the Department of Defense, DeRodes seems like a solid fit to beef up the retailer’s internal security and make sure a similar data breach won’t occur in the future. Interestingly, Target is leading the way to transition to the new chip-and-pin credit cards faster than the major credit card companies. With a tiny chip embedded in the Target-branded card, users must enter a secure password when checking out at the retailer.

Editors' Recommendations

Mike Flacy
By day, I'm the content and social media manager for High-Def Digest, Steve's Digicams and The CheckOut on Ben's Bargains…
Yahoo agrees to pay $50M in damages for biggest-ever data breach
yahoo mail photo sync caller id smart phone mobile app smartphone

Yahoo has agreed to pay $50 million in damages for a huge security breach in 2013 that affected all three billion of its user accounts globally, the AP reported on Wednesday, October 24.

So long as it receives federal court approval next month, the settlement terms of the class action lawsuit will also provide two years of free credit-monitoring services to U.S.- and Israel-based victims of the hack, which is believed to be the biggest data breach ever to have taken place.

Read more
Yahoo’s 2013 data breach is worse than believed — 3 billion users were affected
Yahoo

In December 2016, Yahoo disclosed that its servers were hacked way back in 2013, compromising the sensitive personal data of around 1 billion users. On Tuesday, Yahoo's new parent company, Verizon, confirmed that the initial estimate was a bit low -- in fact, all Yahoo accounts were compromised in the 2013 hack. That's 3 billion users, making it the largest data breach in history.

"Subsequent to Yahoo's acquisition by Verizon, and during integration, the company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft," reads a statement from Verizon subsidiary Oath.

Read more
Equifax confirms it suffered a separate data breach in March
Another 2.5 million Americans may have been affected by the Equifax breach
cfpb investigation equifax hack headquarters

Rick Smith, Chairman and CEO of Equifax, on Cybersecurity Incident Involving Consumer Data.

Following the massive data breach that Equifax disclosed to the public in early September, news of a second, earlier attack at the credit agency has emerged. Although originally just a rumor from anonymous sources, on September 19, Equifax confirmed the secondary hack, which took place in March, though the firm denied it had anything to do with the larger hack. Adding insult to injury, Equifax has now inadvertently contributed to a phishing campaign by sending its customers to a phishing site rather than its own breach notification portal.
The chain of events so far
As originally reported by the New York Times, the first cyberattack we learned about occurred sometime between the middle of May 2017 and July 29 when the intrusion was discovered. What makes the Equifax attack particularly troublesome is the company's status as a central clearinghouse for sensitive credit-related information including social security numbers, driver's license numbers, and other data that can be used in a variety of ways to harm those affected.

Read more