Inside This Issue - Opinion
Data breach at Target a warning for others
January 27th, 2014
by Jeffrey Woldt
New revelations stemming from the ongoing investigation into the massive data breach suffered by Target during the holiday selling season raise unsettling questions, not only for the nation’s second-largest discounter but for all members of the mass retailing community and the people who shop their stores.
Target earlier this month revealed that efforts to unwind the theft of information linked to some 40 million credit and debit card accounts, which stemmed from transactions in its stores between November 27 and December 15 of last year, uncovered that hackers succeeded in gaining access to records in the retailer’s database for as many as 70 million additional individuals. Names, mailing addresses, telephone numbers and e-mail addresses were involved in the newly reported breach, potentially paving the way for identity theft that goes beyond the ability to compromise a single financial account.
Together the two groups of customers involved equal a third of the U.S. population.
Target has responded reasonably well to the situation, assuring customers that they are not liable for fraudulent charges, offering free credit monitoring and identity theft coverage for a year, and running full-page ads in major newspapers in which chairman and chief executive officer Gregg Steinhafel apologized to patrons, expressed the retailer’s solidarity with them, and pledged to do whatever it takes to regain their trust.
The company could, however, be criticized for being slower than it should have been in discovering the problem, recognizing its scope and taking corrective action.
At the same time, it needs to be remembered that Target was also victimized. The company announced that its same-store sales and earnings per share for the fourth quarter will be adversely affected by fallout from the data breach, a trend that could well continue in the new fiscal year.
The bottom line is that the experience of Target and Neiman-Marcus, another merchant that was hit by hackers in December, should serve as a wake-up call for the entire industry. Shoppers have to be confident that the retailers they patronize can effectively protect personal financial information or they will take their business elsewhere.