Target Corp. tech chief resigns amid security overhaul

Target's Chief Information Officer Beth Jacob resigned Wednesday after a pre-Christmas data breach compromised millions of customers' credit card, debit card, and personal information.

|
Rick Wilking/REUTERS
The data breach at Target Corp over the holiday shopping season was far bigger than initially thought, the U.S. retailer said on Friday, as state attorneys general announced a nationwide investigation into the cyber-attack.
|
REUTERS/Kevin Lamarque
A Target employee returns carts to the store in Falls Church, Virginia in this file photo taken last year. The Secret Service is conducting an investigation into a recent security breach at Target stores.

Target Corp. Chief Information Officer Beth Jacob is resigning effective Wednesday as the retailer overhauls its information security and compliance division in the wake of a massive pre-Christmas data breach.

Target Chairman, President and CEO Gregg Steinhafel said in a statement released to The Associated Press that the company will search for an interim chief information officer who can help guide the company through the transformation. Jacob had been in her current role since 2008 and oversaw teams in the U.S. and India.

The resignation reflects the pressure that the nation's second-largest discount retailer faces as it tries to restore its reputation among investors and shoppers nervous about the security of their personal data.

Target said Jacob's resignation was her decision. But analysts say Jacob, who brought a series of technology initiatives to Target's stores and its website, was a scapegoat.

"Target has been obviously impacted. People are questioning Target's security. And she was the fall guy," said Walter Loeb, a New York-based independent retail consultant.

Target disclosed on Dec. 19 that the data breach compromised 40 million credit and debit card accounts between Nov. 27 and Dec. 15. Then on Jan. 10 it said hackers also stole personal information — including names, phone numbers, and email and mailing addresses — from as many as 70 million customers.

Target has said it believes hackers broke into its network by infiltrating the computers of a vendor. Then the hackers installed malicious software in the checkout system for Target's estimated 1,800 U.S. stores.

Target, based in Minneapolis, also plans to look outside the company for a chief information security officer and a chief compliance officer. Before the overhaul, information security functions were split among a variety of executives. Target's new chief information security officer will centralize those responsibilities, the company said.

Compliance duties were previously overseen by Target's current vice president of assurance risk and compliance, who already had plans to retire at the end of March. Now, Target is separating the responsibility for assurance risk and compliance.

Target also said it is working with an outside adviser, Promontory Financial Group, to evaluate its technology, structure, processes and talent as part of the overhaul.

"While we are still in the process of an ongoing investigation, we recognize that the information security environment is evolving rapidly," Steinhafel said in a statement.

Target will be facing fallout from the theft for a while. The company said last week that its fourth-quarter profit fell 46 percent on a revenue decline of 5.3 percent as the breach scared off customers.

Target said sales have been recovering as more time passes since news of the breach. But the company expects business to be muted for some time. It issued a profit outlook for the current quarter and full year that was below Wall Street estimates as it faces hefty costs related to the breach.

Steinhafel told investors last week that Target has updated shoppers early and often on the investigation and is offering free credit monitoring for a year for any customer shopping at a Target store who wants it.

The company is also equipping its locations with more security technology. Target is accelerating its $100 million plan to roll out chip-based credit card technology, which experts say is more secure than traditional magnetic stripe cards.

Target's breach may eventually eclipse the biggest known data breach at a retailer, one disclosed in 2007 at the parent company of TJ Maxx that affected 90 million records.

In a posting last week on a company blog, Steinhafel said, "In the weeks ahead, we hope to understand more about how this attack happened. And will use what we learn to inform our guests, make Target a safer place to shop and to drive change across the broader retail industry."

In a letter to Steinhafel furnished by Target, the outgoing Chief Information Officer Jacob said that resigning was a "difficult decision," but she said that "this was a time of significant transformation for the retail industry and for Target." She did not mention the data breach.

During her tenure as chief information officer, Jacob received attention for helping Target respond more quickly to shoppers' shift to researching and buying on mobile devices.

That included a mobile app called Cartwheel, which combines social networking and discounts. She also oversaw Target's innovation lab that opened last May in San Francisco. The lab looks at futuristic technology, such as how wearable gadgets like smart watches might be used in its stores.

Shares of Target are down 87 cents to $60.46 in midday trading Wednesday. The stock is down a little over 3 percent since the breach was disclosed.

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to Target Corp. tech chief resigns amid security overhaul
Read this article in
https://www.csmonitor.com/Business/2014/0305/Target-Corp.-tech-chief-resigns-amid-security-overhaul
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe